registry  /  acptoapi  /  1.0.155

acptoapi@1.0.155

Anthropic SDK to multi-provider streaming bridge - converts Anthropic message format and tool calls to Gemini, OpenAI-compatible APIs

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is an AI API bridge whose network calls and optional ACP process launches are tied to explicit CLI/server functionality and configuration.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User invokes the CLI/server; ACP daemon startup additionally requires `ACPTOAPI_ENABLE_ACP=1`.
Impact
Can contact configured providers and start documented ACP tools when opted in; no unconsented install-time mutation, payload execution, or exfiltration was confirmed.
Mechanism
Configured AI-provider proxying with optional ACP daemon launching.
Rationale
Static source inspection finds broad runtime capabilities consistent with the package's documented proxy/ACP role, but no malicious chain. In particular, there are no npm lifecycle hooks or unconsented writes to a foreign AI-agent control surface.
Evidence
package.jsonindex.jsbin/acptoapi.jsinstall-acp-agents.ps1lib/acp-launcher.jslib/server.jslib/config.jsbin/acptoapi-tui.jslib/extra-providers.jslib/keyring.jslib/swe-bench-scores.js

Decision evidence

public snapshot
AI called this Clean at 92.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `lib/acp-launcher.js` can start ACP commands, including `npx`/`bunx`, but only through runtime server behavior gated by `ACPTOAPI_ENABLE_ACP=1`.
  • `bin/acptoapi.js --update` explicitly runs npm cache/version commands; it is not an npm lifecycle hook.
  • `lib/acp-launcher.js` appends operational logs under `~/.claude/gm-log`, but does not alter agent configuration or instructions.
Evidence against
  • `package.json` has no `preinstall`, `install`, `postinstall`, or other lifecycle scripts.
  • `index.js` import path only exports SDK functions; process spawning is confined to explicit `runClaude` usage.
  • `bin/acptoapi.js` launches its server only through the user-invoked CLI.
  • `install-acp-agents.ps1` performs global installs only when the separate PowerShell script is explicitly run.
  • `lib/config.js` parses JSON configuration rather than evaluating configuration code.
  • Reviewed provider networking routes requests to configured AI backends; no credential harvesting or unrelated exfiltration was found.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 76 file(s), 528 KB of source, external domains: 127.0.0.1, 247420.xyz, aionlabs.ai, aistudio.google.com, api.aionlabs.ai, api.anthropic.com, api.cerebras.ai, api.cloudflare.com, api.cohere.com, api.deepseek.com, api.elevenlabs.io, api.example.com, api.fireworks.ai, api.groq.com, api.llama-api.com, api.mistral.ai, api.openai.com, api.perplexity.ai, api.replicate.com, api.sambanova.ai, api.together.ai, api.together.xyz, api.voyageai.com, api.x.ai, api.z.ai, benchlm.ai, build.nvidia.com, chatjimmy.ai, cloud.cerebras.ai, cloud.sambanova.ai, codestral.mistral.ai, console.anthropic.com, console.aws.amazon.com, console.groq.com, console.mistral.ai, console.x.ai, dash.cloudflare.com, dashboard.cohere.com, dashscope.aliyuncs.com, dashscope.console.aliyun.com, example.com, fireworks.ai, generativelanguage.googleapis.com, github.com, integrate.api.nvidia.com, my-host.com, ollama.com, opencode.ai, openrouter.ai, platform.deepseek.com

Source & flagged code

6 flagged · loading source
bin/acptoapi.jsView file
matchType = previous_version_dangerous_delta matchedPackage = acptoapi@1.0.126 matchedIdentity = npm:YWNwdG9hcGk:1.0.126 similarity = 0.757 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

bin/acptoapi.jsView on unpkg
123(async () => { L124: const { execSync } = require('child_process'); L125: const opts = { stdio: 'inherit', windowsHide: true };
High
Child Process

Package source references child process execution.

bin/acptoapi.jsView on unpkg · L123
123(async () => { L124: const { execSync } = require('child_process'); L125: const opts = { stdio: 'inherit', windowsHide: true }; ... L133: console.log(`[acptoapi] latest on npm: ${latest}`); L134: console.log('[acptoapi] next invocation of `bunx acptoapi@latest` or `npx -y acptoapi@latest` will fetch fresh.'); L135: process.exit(0);
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

bin/acptoapi.jsView on unpkg · L123
test.jsView file
15L16: const assert = require('assert'); L17: const http = require('http');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

test.jsView on unpkg · L15
index.jsView file
122async function runClaude(opts = {}) { L123: const { spawn } = require('child_process'); L124: const http = require('http'); L125: const { execSync } = require('child_process'); ... L127: const baseUrl = `http://127.0.0.1:${port}`; L128: const apiKey = process.env.ACPTOAPI_API_KEY || 'theultimateflex'; L129:
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

index.jsView on unpkg · L122
install-acp-agents.ps1View file
path = install-acp-agents.ps1 kind = build_helper sizeBytes = 2879 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

install-acp-agents.ps1View on unpkg

Findings

1 Critical4 High5 Medium3 Low
CriticalPrevious Version Dangerous Deltabin/acptoapi.js
HighChild Processbin/acptoapi.js
HighShell
HighSame File Env Network Executionindex.js
HighRuntime Package Installbin/acptoapi.js
MediumDynamic Requiretest.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperinstall-acp-agents.ps1
MediumStructural Risk Force Deep Review
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings