registry  /  @usesuperflow/toolbar  /  1.0.168

@usesuperflow/toolbar@1.0.168

AI Security Review

scanned 8d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a browser toolbar bundle that loads the Velt SDK, stores product state in web storage, and talks to Superflow/Velt/Firebase services.

Static reason
One or more suspicious static signals were detected.
Trigger
Browser page imports/loads superflow.js and provides an API key via URL, window variable, or element attribute.
Impact
Expected collaboration/review toolbar behavior; no install-time or host filesystem impact found.
Mechanism
Browser custom element toolbar with product network calls and user-permission screenshot attachment.
Rationale
The suspicious signals are explained by a bundled browser collaboration toolbar using public Firebase config, product APIs, web storage, and user-invoked screenshot capture. I found no install-time execution, filesystem access, credential harvesting, persistence, destructive behavior, or unconsented AI-agent control mutation.
Evidence
package.jsonsuperflow.jssuperflow.min.js
Network endpoints8
cdn.jsdelivr.net/npm/@veltdev/sdk@us-central1-snipply-sdk-staging.cloudfunctions.net/getprivatenpmpackagefileapi.velt.dev/saapi.velt.dev/v2/sf/tbapp.usesuperflow.com/firebasestorage.googleapis.comus-central1-snippyly-sdk-prod.cloudfunctions.net/getqrcodewww.google.com/recaptcha/api.js

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
  • superflow.js dynamically injects Velt SDK from cdn.jsdelivr.net or snipply staging Cloud Function during browser runtime.
  • superflow.js includes Firebase public config and calls Cloud Functions for analytics/auth/project state.
  • superflow.js can capture screenshots via browser screen-sharing APIs and attach them to comments, gated by user permission/UI.
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle scripts and main is a browser bundle.
  • Entrypoint defines custom elements superflow-toolbar/snippyly-plugin and initializes only in a DOM/browser context.
  • Network hosts are Superflow/Velt/Firebase/Google asset and API endpoints aligned with a collaboration toolbar.
  • No child_process, fs writes, destructive actions, credential-file harvesting, or AI-agent control-surface writes found.
  • process.env/document.cookie hits are bundled Firebase defaults handling, not package credential exfiltration.
Behavioral surface
Source
ChildProcessEnvironmentVarsNetwork
Supply chain
HighEntropyStringsMinifiedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 1.17 MB of source, external domains: apis.google.com, app.usesuperflow.com, cdn.jsdelivr.net, cdn.velt.dev, drive.google.com, firebasestorage.googleapis.com, fonts.googleapis.com, join.slack.com, us-central1-snipply-sdk-staging.cloudfunctions.net, us-central1-snippyly-sdk-prod.cloudfunctions.net, www.apache.org, www.google.com, www.usesuperflow.com, www.w3.org

Source & flagged code

3 flagged · loading source
superflow.jsView file
1545patternName = google_api_key severity = high line = 1545 matchedText = calc(${t...d=r`
High
High Secret

Package contains a high-severity secret pattern.

superflow.jsView on unpkg · L1545
1545patternName = google_api_key severity = high line = 1545 matchedText = calc(${t...d=r`
High
Secret Pattern

Google API key in superflow.js

superflow.jsView on unpkg · L1545
superflow.min.jsView file
1545patternName = google_api_key severity = high line = 1545 matchedText = calc(${t...d=a`
High
Secret Pattern

Google API key in superflow.min.js

superflow.min.jsView on unpkg · L1545

Findings

3 High2 Medium3 Low
HighHigh Secretsuperflow.js
HighSecret Patternsuperflow.js
HighSecret Patternsuperflow.min.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings