
box-react-uix@18.6.91

A utility package that reports runtime errors to Sentry using @sentry/node.

AI Security Review

scanned 1d ago · by lpm-firewall-ai

The package has an install-time hook that installs @sentry/node and runs a verifier which initializes the package and reports a synthetic error. This causes unconsented install-time telemetry to a hardcoded Sentry DSN, but no broader malware behavior or persistence was found.

Static reason
High-risk behavior combination matched malicious policy; source matched previously finalized malicious package (routed for review); source fingerprint signature matched known malicious package (routed for review).
Trigger
npm install runs package preinstall
Impact
Installer environment may make outbound Sentry telemetry for a synthetic error; runtime users can explicitly report errors and optionally attach public IP.
Mechanism
install-time Sentry error report via bundled verifier
Attack narrative
On installation, npm executes the preinstall script from package.json. That script installs @sentry/node and runs examples/verify.js, which imports src/index.js, initializes Sentry using the package default DSN, and reports a synthetic Error. The library also exposes runtime helpers to report errors and fetch a public IP from Cloudflare trace endpoints, but these are user-invoked after import/install.
Rationale
Static inspection confirms an unconsented install-time network side effect, but it is limited to package-aligned Sentry telemetry and does not harvest credentials, persist, mutate agent controls, or execute remote code. This warrants a warning for lifecycle telemetry rather than a publish block.
Evidence
Files: package.json, examples/verify.js, src/index.js, src/index.d.ts
Network endpoints (3): examplePublicKey@o0.ingest.sentry.io/0, cloudflare.com/cdn-cgi/trace, www.cloudflare.com/cdn-cgi/trace

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json defines preinstall: npm install @sentry/node && node examples/verify.js
  • preinstall runs package code at install time via examples/verify.js
  • examples/verify.js imports src and sends Error to Sentry
  • src/index.js has DEFAULT_DSN hardcoded to a Sentry ingest endpoint
  • src/index.js can fetch public IP from Cloudflare trace endpoints and attach it to Sentry user context
Evidence against
  • No shell/child_process/eval/vm/native binary loading found in src or examples
  • No writes to agent control surfaces, startup files, VCS hooks, or persistence locations found
  • No credential/env harvesting beyond SENTRY_DSN option/env fallback
  • Runtime APIs are mostly Sentry error-reporting wrappers and user-invoked helpers
  • Network endpoints are visible and aligned with telemetry/error-reporting package description
Behavioral surface
Source: ChildProcess, EnvironmentVars, Network
Supply chain: HighEntropyStrings, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 2 file(s), 10.4 KB of source, external domains: 1.1.1.1, one.one.one.one, www.cloudflare.com

Source & flagged code

4 flagged

package.json

scripts.preinstall = npm install @sentry/node && node examples/verify.js
Critical · Red Install Lifecycle Script
Install-time lifecycle script matches a deterministic static-gate block pattern.

scripts.preinstall = npm install @sentry/node && node examples/verify.js
High · Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.

src/index.js

matchType = normalized_sha256
matchedPackage = sams-sr-sdk-h5@7.0.0
matchedPath = src/index.js
matchedIdentity = npm:c2Ftcy1zci1zZGstaDU:7.0.0
similarity = 1.000
summary = normalized source hash matched finalized malicious source
High · Known Malware Source Similarity
Source file is highly similar to a previously finalized malicious package; route for source-aware review.

matchType = malicious_source_fingerprint_signature
signature = 77336ad547d16a1c
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = sams-sr-sdk-h5@7.0.0
matchedPath = src/index.js
matchedIdentity = npm:c2Ftcy1zci1zZGstaDU:7.0.0
similarity = 1.000
shingleOverlap = 2
summary = package final verdict is malicious
High · Known Malware Source Fingerprint Signature
Source fingerprint signature matches a known malicious package signature; route for source-aware review.

Findings

1 Critical · 3 High · 2 Medium · 3 Low
  • Critical · Red Install Lifecycle Script · package.json
  • High · Install Time Lifecycle Scripts · package.json
  • High · Known Malware Source Similarity · src/index.js
  • High · Known Malware Source Fingerprint Signature · src/index.js
  • Medium · Network
  • Medium · Environment Vars
  • Low · Scripts Present
  • Low · High Entropy Strings
  • Low · Url Strings