AI Security Review
scanned 12d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a user-invoked CLI that logs into Catalyst, zips user-selected projects, uploads them for builds, polls results, and downloads artifacts.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs catalyst commands such as login, upload, check --deep, run, pull, or logout
Impact
Expected upload of user-selected project files and local storage of Catalyst token; no unconsented install-time or import-time behavior found.
Mechanism
Package-aligned CLI network client and project zipper
Rationale
Static inspection found potentially sensitive primitives, but they are aligned with documented CLI functions and require explicit user commands. There is no lifecycle execution, credential harvesting beyond Catalyst login storage, hidden exfiltration, destructive behavior, or agent-control mutation.
Evidence
package.jsonbin/catalyst.jssrc/index.jsREADME.md~/.catalyst/config.jsonuser-selected project directoryuser-selected pull output path
Network endpoints4
dev.bcat.website/catalyst/apiwww.bcat.website127.0.0.1/callbackartifact.download_url from Catalyst API response
Decision evidence
public snapshotAI called this Clean at 92.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no lifecycle scripts; only bin is bin/catalyst.js
- bin/catalyst.js only imports src/index.js and calls main on CLI invocation
- src/index.js network calls are Catalyst API/login/build/upload/pull flows exposed by CLI commands
- src/index.js stores only user-provided Catalyst session config under ~/.catalyst/config.json with chmod 0600
- src/index.js child_process usage is limited to opening a browser and user-invoked npm dry-run check with --ignore-scripts
- No eval/vm/dynamic native loading, persistence, destructive actions, or AI-agent control-surface writes found
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcesrc/index.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = catalyst-cli@0.2.1
matchedIdentity = npm:Y2F0YWx5c3QtY2xp:0.2.1
similarity = 0.500
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version.
src/index.jsView on unpkgFindings
1 Critical2 Medium3 Low
CriticalPrevious Version Dangerous Deltasrc/index.js
MediumNetwork
MediumEnvironment Vars
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings