AI Security Review
scanned 2h ago · by lpm-firewall-aiThe main risk is shipped repository access credentials embedded in the CLI bundle. They are used by explicit init/create commands to clone package-owned Bitbucket repositories, not by install-time code.
Decision evidence
public snapshot- index.bundle.js embeds three Bitbucket access tokens as defaults for XFRAMEWORK_BB_TOKEN_API/UI/CP.
- index.bundle.js builds authenticated https://x-token-auth URLs for bitbucket.org/contentactivedev/{xframework-api,xframework,xframework-customer}.git.
- index.bundle.js init/create commands clone remote repos and delete/rewrite target project directories on explicit user command.
- index.bundle.js run/start commands spawn dotnet/npm/pg_dump/psql and write logs/config under xFramework project or ~/.xFramework.
- package.json has no preinstall/install/postinstall hook; only prepublishOnly build script.
- CLI actions are command-invoked; no import-time credential harvesting or broad filesystem scan found.
- Network endpoints are package-aligned Bitbucket clone URLs and localhost service URLs.
- dist/ui MSAL/password fields are bundled application UI/setup flows, not confirmed phishing or exfiltration.
- No AI-agent control-surface writes found.
Source & flagged code
12 flagged · loading sourcePackage contains a possible secret pattern.
dist/ui/assets/SetupWizard-609e8434.jsView on unpkg · L1Package source references child process execution.
dist/ui/assets/vendor-pdf-b5ab85ab.jsView on unpkg · L1Package source references dynamic require/import behavior.
dist/ui/assets/vendor-pdf-b5ab85ab.jsView on unpkg · L1Package source references a known benign dynamic code generation pattern.
dist/ui/assets/vendor-pdf-b5ab85ab.jsView on unpkg · L1Manifest entrypoint contains risky behavior absent from dist/build output.
index.bundle.jsView on unpkg · L1A single source file combines environment access, network access, and code or shell execution; review context before blocking.
index.bundle.jsView on unpkg · L12Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
index.bundle.jsView on unpkg · L12Source appears to collect browser login credentials for exfiltration.
dist/ui/assets/vendor-msal-69061c3a.jsView on unpkg · L1Source reaches cloud instance metadata or link-local credential endpoints.
dist/ui/assets/vendor-msal-69061c3a.jsView on unpkg · L1Package contains source files above the static scanner size ceiling.
dist/ui/assets/index-f9dbc56a.jsView on unpkgHardcoded password in dist/customer-portal/assets/index-737fd7d3.js
dist/customer-portal/assets/index-737fd7d3.jsView on unpkg · L123