registry  /  @usesuperflow/toolbar  /  1.0.167

@usesuperflow/toolbar@1.0.167

AI Security Review

scanned 9d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a bundled browser toolbar that loads a collaboration SDK and talks to Superflow/Velt/Firebase-aligned services during configured runtime use.

Static reason
One or more suspicious static signals were detected.
Trigger
Browser imports superflow.js or loads configured toolbar script with apiKey/window variables/snippyly-plugin attributes.
Impact
Expected review/comment toolbar functionality; no unauthorized install-time or host-file impact identified.
Mechanism
Browser custom element toolbar with remote SDK loading and product API calls
Rationale
The suspicious primitives are browser product behavior for a Superflow toolbar: remote SDK/assets, local/session storage, and optional screenshot attachment are user/configuration driven and package-aligned. No install-time execution, exfiltration, shell/native execution, persistence, destructive behavior, or reviewer/agent manipulation was found.
Evidence
package.jsonsuperflow.jssuperflow.min.js
Network endpoints9
cdn.jsdelivr.net/npm/@veltdev/sdk@.../velt.jsus-central1-snipply-sdk-staging.cloudfunctions.net/getprivatenpmpackagefileapp.usesuperflow.comdrive.usesuperflow.comsuperflow-portal-v2-staging.firebaseapp.comsuperflow-file-viewer-staging.web.appfirebasestorage.googleapis.comdrive.google.comwww.usesuperflow.com

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
  • superflow.js injects remote Velt SDK script from jsdelivr/cloudfunctions or caller proxyDomain at runtime.
  • superflow.js can request native screen capture and attach screenshots to comments when toolbar feature is enabled.
  • superflow.js reads apiKey/projectId from script URL, window variables, or snippyly-plugin attributes and stores toolbar state in local/session storage.
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle hooks; main is superflow.js.
  • Only package files are package.json, superflow.js, and superflow.min.js; no native binaries or dropped payloads found.
  • Network use is aligned with a browser toolbar/review product: Velt SDK, Superflow app/assets, Firebase storage, Google Drive images.
  • No child_process, fs writes, persistence outside browser storage, credential harvesting, or AI-agent control-surface mutation found.
  • Import-time behavior defines custom elements and auto-adds toolbar only when configured apiKey is present.
Behavioral surface
Source
ChildProcessEnvironmentVarsNetwork
Supply chain
HighEntropyStringsMinifiedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 1.18 MB of source, external domains: apis.google.com, app.usesuperflow.com, cdn.jsdelivr.net, cdn.velt.dev, drive.google.com, firebasestorage.googleapis.com, fonts.googleapis.com, join.slack.com, us-central1-snipply-sdk-staging.cloudfunctions.net, us-central1-snippyly-sdk-prod.cloudfunctions.net, www.apache.org, www.google.com, www.usesuperflow.com, www.w3.org

Source & flagged code

3 flagged · loading source
superflow.jsView file
1545patternName = google_api_key severity = high line = 1545 matchedText = calc(${t...d=r`
High
High Secret

Package contains a high-severity secret pattern.

superflow.jsView on unpkg · L1545
1545patternName = google_api_key severity = high line = 1545 matchedText = calc(${t...d=r`
High
Secret Pattern

Google API key in superflow.js

superflow.jsView on unpkg · L1545
superflow.min.jsView file
1545patternName = google_api_key severity = high line = 1545 matchedText = calc(${t...d=a`
High
Secret Pattern

Google API key in superflow.min.js

superflow.min.jsView on unpkg · L1545

Findings

3 High2 Medium3 Low
HighHigh Secretsuperflow.js
HighSecret Patternsuperflow.js
HighSecret Patternsuperflow.min.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings