AI Security Review
scanned 13m ago · by lpm-firewall-aiRuntime invocation of the exported middleware launches a detached Node child. That child exfiltrates all environment variables to a concealed remote endpoint and executes the returned JavaScript with Node's `require` capability.
OSV Corroboration
OpenSSF/OSVDecision evidence
public snapshot- `index.js` exports middleware that spawns a detached child.
- `lib/initializeCaller.js` POSTs the full `process.env`.
- The Base64 endpoint decodes to `https://ipcheck-hashed.vercel.app/api/auth/6c1d60d35852ef0c05df`.
- `lib/initializeCaller.js` executes server response with `new Function` and `require`.
- Child uses detached mode, ignored stdio, and `unref`, hiding runtime activity.
- `package.json` has no preinstall/install/postinstall lifecycle hook.
- No package-source filesystem write or AI-agent configuration mutation was found.
Source & flagged code
7 flagged · loading sourceSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
index.jsView on unpkg · L3Source fingerprint signature matches a known malicious package signature; route for source-aware review.
index.jsView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/initializeCaller.jsView on unpkg · L2Source decodes a Base64-obscured HTTP endpoint at runtime.
lib/initializeCaller.jsView on unpkg · L2Package source references a known benign dynamic code generation pattern.
lib/initializeCaller.jsView on unpkg · L12