AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package exposes deployment and smoke-test helpers that can run shell commands or make requests only when consumers invoke those exported functions.
Static reason
One or more suspicious static signals were detected.
Trigger
Consumer imports and calls exported helpers such as deploy(), docker(), kaniko(), site(), mfe(), healthcheck(), or webhooks().
Impact
Expected CDK deploys, Docker/Kaniko image pushes, Lambda invokes, and HTTP smoke checks against caller/CDK-supplied targets.
Mechanism
User-invoked deployment/smoke-test automation
Rationale
Static inspection found deployment and smoke-test primitives, but no install-time/import-time execution, hidden endpoint, credential theft, persistence, destructive behavior, or reviewer/prompt manipulation. The suspicious shell and request behavior is package-aligned and activated by explicit user calls, so this should not be blocked.
Evidence
package.jsonindex.jsdeploy.jsdocker.jskaniko.jshealthcheck.jsmfe.jssite.jswebhooks.jslambda.jscdk.outcdk.out/cloudformation.ymlcdk.out/cdk-outputs.jsoncdk.out/kaniko.logs.txt<path>/Dockerfile
Network endpoints2
vyriy.dev/docs/scripts/github.com/evheniy/vyriy
Decision evidence
public snapshotAI called this Clean at 92.0% confidence as Benign with low false-positive risk.
Evidence for block
- deploy.js and docker.js/kaniko.js run shell commands when exported script functions are explicitly invoked
- Network requests in healthcheck.js, mfe.js, site.js, webhooks.js target CDK output URLs or caller-provided paths
- kaniko.js interpolates caller-provided path into an exec command, a dangerous primitive in a deployment helper
Evidence against
- package.json has no lifecycle scripts or bin entries; import surface is exports/main only
- index.js only re-exports modules and has no import-time execution
- No credential harvesting, hidden exfiltration endpoint, persistence, destructive command, eval/vm, dynamic require, or binary/native payload found
- Shell usage is aligned with documented CDK/Docker/Kaniko deployment helpers and is user-invoked
- No AI-agent control-surface writes; AGENTS.md is package guidance only
Behavioral surface
ChildProcessShell
Source & flagged code
2 flagged · loading sourcekaniko.jsView file
9logger.info('Repository:', repository);
L10: await exec(`/kaniko/executor \
L11: --context "${path}" \
High
deploy.jsView file
7await exec('mkdir cdk.out');
L8: await exec('npx cdk synth > cdk.out/cloudformation.yml');
L9: await exec('npx aws-cdk diff');
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
deploy.jsView on unpkg · L7Findings
3 High
HighChild Processkaniko.js
HighShell
HighRuntime Package Installdeploy.js