AI Security Review
scanned 9d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a bundled browser toolbar that loads a collaboration SDK and talks to Superflow/Velt/Firebase-aligned services during configured runtime use.
Static reason
One or more suspicious static signals were detected.
Trigger
Browser imports superflow.js or loads configured toolbar script with apiKey/window variables/snippyly-plugin attributes.
Impact
Expected review/comment toolbar functionality; no unauthorized install-time or host-file impact identified.
Mechanism
Browser custom element toolbar with remote SDK loading and product API calls
Rationale
The suspicious primitives are browser product behavior for a Superflow toolbar: remote SDK/assets, local/session storage, and optional screenshot attachment are user/configuration driven and package-aligned. No install-time execution, exfiltration, shell/native execution, persistence, destructive behavior, or reviewer/agent manipulation was found.
Evidence
package.jsonsuperflow.jssuperflow.min.js
Network endpoints9
cdn.jsdelivr.net/npm/@veltdev/sdk@.../velt.jsus-central1-snipply-sdk-staging.cloudfunctions.net/getprivatenpmpackagefileapp.usesuperflow.comdrive.usesuperflow.comsuperflow-portal-v2-staging.firebaseapp.comsuperflow-file-viewer-staging.web.appfirebasestorage.googleapis.comdrive.google.comwww.usesuperflow.com
Decision evidence
public snapshotAI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- superflow.js injects remote Velt SDK script from jsdelivr/cloudfunctions or caller proxyDomain at runtime.
- superflow.js can request native screen capture and attach screenshots to comments when toolbar feature is enabled.
- superflow.js reads apiKey/projectId from script URL, window variables, or snippyly-plugin attributes and stores toolbar state in local/session storage.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks; main is superflow.js.
- Only package files are package.json, superflow.js, and superflow.min.js; no native binaries or dropped payloads found.
- Network use is aligned with a browser toolbar/review product: Velt SDK, Superflow app/assets, Firebase storage, Google Drive images.
- No child_process, fs writes, persistence outside browser storage, credential harvesting, or AI-agent control-surface mutation found.
- Import-time behavior defines custom elements and auto-adds toolbar only when configured apiKey is present.
Behavioral surface
ChildProcessEnvironmentVarsNetwork
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
3 flagged · loading sourcesuperflow.jsView file
1545patternName = google_api_key
severity = high
line = 1545
matchedText = calc(${t...d=r`
High
1545patternName = google_api_key
severity = high
line = 1545
matchedText = calc(${t...d=r`
High
superflow.min.jsView file
1545patternName = google_api_key
severity = high
line = 1545
matchedText = calc(${t...d=a`
High
Findings
3 High2 Medium3 Low
HighHigh Secretsuperflow.js
HighSecret Patternsuperflow.js
HighSecret Patternsuperflow.min.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings