AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a security-audit CLI that downloads and executes scanner tools during user-invoked scans, and can optionally install git hooks when explicitly commanded.
Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs auditx CLI commands such as scan, install, hook install, --ai, or --fix
Impact
Runs external security tools, downloads scanner binaries, writes reports/config/hooks when requested; no stealth persistence or unconsented exfiltration found
Mechanism
user-invoked scanner orchestration and report generation
Rationale
Static inspection shows dangerous primitives are aligned with the advertised audit CLI: downloading scanners, running local audit tools, optional AI summary, optional git hooks, and report output. There is no lifecycle execution, hidden credential collection, unauthorized network endpoint, or stealth persistence indicating malicious intent.
Evidence
package.jsondist/auditx.jsdist/hook-W4INEOTH.jsaudit-report.mdaudit-report.json~/.auditx/bin~/.auditx/semgrep-home/settings.yml~/.auditx/config.json.git/hooks/pre-commit.git/hooks/pre-push.husky/pre-commit.husky/pre-push
Network endpoints3
github.com/gitleaks/gitleaks/releases/download/github.com/aquasecurity/trivy/releases/download/github.com/semgrep/semgrep/releases/download/
Decision evidence
public snapshotAI called this Clean at 88.0% confidence as Benign with medium false-positive risk.
Evidence for block
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks; only CLI bin dist/auditx.js
- dist/auditx.js network downloads target scanner release URLs for gitleaks/trivy/semgrep as part of first-run scanner setup
- dist/auditx.js child_process use runs declared security tools: semgrep, trivy, npm audit, gitleaks, eslint, jscpd, depcheck, license-checker, tsc, git, lizard
- dist/hook-W4INEOTH.js writes git hooks only via explicit `auditx hook install` command, with marker and uninstall path
- AI API keys are read from env or ~/.auditx config only for explicit --ai/setup flows; no credential harvesting loop or exfiltration found
- No import-time execution beyond commander CLI parsing; default behavior scans target and writes reports
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
5 flagged · loading sourcedist/auditx.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = auditx@0.1.13
matchedIdentity = npm:YXVkaXR4:0.1.13
similarity = 0.500
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version.
dist/auditx.jsView on unpkg8import { resolve } from "path";
L9: import { execSync } from "child_process";
L10:
High
869import { randomUUID as randomUUID2 } from "crypto";
L870: var execAsync = promisify7(exec);
L871: async function runJscpd(targetPath, stagedFiles) {
High
877const targets = stagedFiles && stagedFiles.length > 0 ? stagedFiles.map((f) => `"${f}"`).join(" ") : `"${targetPath}"`;
L878: await execAsync(`npx --yes jscpd ${targets} --reporters json --output "${tmpDir}" --silent`, { maxBuffer: 10 * 1024 * 1024 });
L879: } catch (e) {
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/auditx.jsView on unpkg · L8778import { resolve } from "path";
L9: import { execSync } from "child_process";
L10:
...
L16: var TARGET_FILES = /* @__PURE__ */ new Set([
L17: "package.json",
L18: "package-lock.json",
...
L74: try {
L75: const pkg = JSON.parse(readFileSync(pkgPath, "utf-8"));
L76: if (pkg.dependencies) Object.keys(pkg.dependencies).forEach((d) => allDeps.add(d));
...
L132: import { existsSync as existsSync2, mkdirSync, createWriteStream, rmSync } from "fs";
L133: import https from "https";
L134: import * as tar from "tar";
Low
Findings
1 Critical3 High3 Medium5 Low
CriticalPrevious Version Dangerous Deltadist/auditx.js
HighChild Processdist/auditx.js
HighShelldist/auditx.js
HighRuntime Package Installdist/auditx.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowWeak Cryptodist/auditx.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings