AI Security Review
scanned 3h ago · by lpm-firewall-aiThe package deliberately provides a runtime remote-maintenance API with shell execution, database/Redis operations, and code-file transfer. It is activated only after a host application configures and mounts its exported router; no install-time attack surface was found.
Static reason
One or more suspicious static signals were detected.
Trigger
A host application calls `drmTool.config()` and mounts `drmRouter`, then a client invokes `/AD42F6697B035B7580E4FEF93BE20B4D/:destEnvType/:command`.
Impact
Authorized or improperly exposed callers could execute commands, alter data, or transfer code/files on the hosting environment.
Mechanism
Developer-gated remote maintenance, including arbitrary shell command execution and configured file forwarding.
Rationale
Source inspection confirms a high-impact, intentionally user-invoked remote-administration capability rather than covert install-time malware. Flag as a warning because safe deployment depends on correct application configuration and access control.
Evidence
package.jsonREADME.mddist/cjs/pp-util.js
Decision evidence
public snapshotAI called this Suspicious at 90.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `dist/cjs/pp-util.js` exposes an `exec` command that passes supplied commands to `childProcess.exec`.
- The Express router exposes remote maintenance endpoints for SQL, Redis, file upload/download, logs, and command execution.
- Configured `uploadUrl` and forwarding targets can transmit file contents to remote maintenance endpoints.
- TLS requests disable certificate verification with `rejectUnauthorized: false`.
Evidence against
- `package.json` has no preinstall, install, postinstall, or other lifecycle hook.
- `README.md` describes an explicitly integrated developer remote-maintenance service.
- Command dispatch calls `sureNoDangers` and remote forwarding requires a configured developer private key and allowed client hosts.
- No hard-coded external host, credential-harvesting routine, AI-agent control-surface mutation, or import-time network action was found.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystem
HighEntropyStrings
Source & flagged code
1 flagged · loading sourcepackage.jsonView file
•Runtime dependency names matching Node built-ins: child_process
High
Node Builtin Dependency Squat
Package declares a runtime dependency whose name matches a Node built-in module.
package.jsonView on unpkgFindings
1 High1 Medium3 Low
HighNode Builtin Dependency Squatpackage.json
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings