registry  /  @whfzgyx/ojo-canvas-sdk  /  0.1.2

@whfzgyx/ojo-canvas-sdk@0.1.2

`@touchine/ojo-canvas-sdk` is the browser-facing OJO project canvas SDK.

AI Security Review

scanned 2d ago · by lpm-firewall-ai

No confirmed malicious attack surface is established by source inspection. The package is a browser SDK/runtime that mounts a canvas iframe and uses host-provided project, resource, state, and bridge endpoints.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User imports mountOjoCanvas or serves dist/runtime in a browser host.
Impact
Runtime can communicate with configured project/bridge endpoints and load documented static assets; no install-time mutation or credential exfiltration found.
Mechanism
browser canvas runtime with iframe postMessage and host-configured network bridge
Rationale
Static inspection found a large bundled browser canvas SDK with documented network/runtime behavior, not install-time execution, exfiltration, persistence, destructive actions, or agent control-surface mutation. The scope/name mismatch is suspicious packaging provenance, but source facts do not support a malicious verdict.
Evidence
package.jsonREADME.mddist/host/index.jsdist/runtime/manifest.jsondist/runtime/index.htmldist/runtime/assets/src-Bek_MNDM.jsdist/runtime/assets/contribution-Dsdf2OEM.jsdist/runtime/assets/preview-mode-utils-BsVumX2C.jsdist/runtime/assets/ja-CO70Pb1Z.js
Network endpoints9
irise-web-canvas-public-assets.rogerhorsleymorris.workers.dev/irise-web-canvas-public-assets.rogerhorsleymorris.workers.dev/images/ojo-logo.svgirise-web-canvas-public-assets.rogerhorsleymorris.workers.dev/animation/ojo_animation.jsonirise-web-canvas-public-assets.rogerhorsleymorris.workers.dev/sounds/prototype-success.mp3fonts.googleapis.com/fonts.gstatic.com/cdn.jsdelivr.net/react.dev/ojo.dev/

Decision evidence

public snapshot
AI called this Clean at 82.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • Package identity is inconsistent: package.json is @whfzgyx/ojo-canvas-sdk while README and host message constants reference @touchine/ojo-canvas-sdk.
  • Bundled runtime exposes OJO/Codex canvas bridge and debug services at runtime, but only inside the browser app surface.
Evidence against
  • package.json has no preinstall/install/postinstall hooks; only build/test/prepack scripts are declared.
  • dist/host/index.js only creates an iframe, posts config to the runtime origin, and exposes update/unmount helpers.
  • dist/runtime/manifest.json and README document a browser canvas runtime with CDN assets and host-provided endpoints.
  • No child_process, filesystem writes, credential harvesting, npmrc/ssh access, or install-time execution found in inspected entrypoints.
  • Trojan-source scan for bidi/invisible controls in JS assets produced no matches.
  • Network URLs are mostly documented/runtime assets, framework docs, fonts, and host-configured project/bridge endpoints.
Behavioral surface
Source
ChildProcessDynamicRequireFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 20 file(s), 3.39 MB of source, external domains: fb.me, figma.com, github.com, irise-resources-staging-us-east-1-972778198637.s3.us-east-1.amazonaws.com, irise-web-canvas-public-assets.rogerhorsleymorris.workers.dev, ojo.dev, prosemirror.net, radix-ui.com, react.dev, reactrouter.com, www.w3.org
Oversized source lightweight scan
dist/runtime/assets/contribution-Dsdf2OEM.js3.71 MB file, sampled 256 KB
ChildProcessMinifiedUrlStringsirise-web-canvas-public-assets.rogerhorsleymorris.workers.devwww.w3.org

Source & flagged code

4 flagged · loading source
dist/runtime/assets/preview-mode-utils-BsVumX2C.jsView file
31patternName = google_api_key severity = high line = 31 matchedText = caused b...it(`
High
High Secret

Package contains a high-severity secret pattern.

dist/runtime/assets/preview-mode-utils-BsVumX2C.jsView on unpkg · L31
31patternName = google_api_key severity = high line = 31 matchedText = caused b...it(`
High
Secret Pattern

Google API key in dist/runtime/assets/preview-mode-utils-BsVumX2C.js

dist/runtime/assets/preview-mode-utils-BsVumX2C.jsView on unpkg · L31
dist/runtime/assets/ja-CO70Pb1Z.jsView file
3contains invisible/control Unicode U+200B (zero width space) これでターミナルに戻ることができます。`,authorizedCode:`認証されたデバイスコード`,authorizeAnother:`別のデバイスを認証する`,returnHome:`家に帰る`},confirm:{eyebrow:`CLI デバイスの認証`,title:`Ojo CLIを認可する`,description:`Ojo CLI へのアクセスを確認します。`,browserCode:`ブラウザ確認コード`,deviceCode:`デバイスコード`,approv
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

dist/runtime/assets/ja-CO70Pb1Z.jsView on unpkg · L3
dist/runtime/assets/contribution-Dsdf2OEM.jsView file
path = [redacted]-Dsdf2OEM.js kind = oversized_source_file sizeBytes = 3890545 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/runtime/assets/contribution-Dsdf2OEM.jsView on unpkg

Findings

1 Critical3 High3 Medium6 Low
CriticalTrojan Source Unicodedist/runtime/assets/ja-CO70Pb1Z.js
HighHigh Secretdist/runtime/assets/preview-mode-utils-BsVumX2C.js
HighOversized Source Filedist/runtime/assets/contribution-Dsdf2OEM.js
HighSecret Patterndist/runtime/assets/preview-mode-utils-BsVumX2C.js
MediumDynamic Require
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License