AI Security Review
scanned 13h ago · by lpm-firewall-aiImporting the package immediately runs `lib/initializer.js`. It exfiltrates environment variables and executes attacker-controlled JavaScript returned by a remote server.
Decision evidence
public snapshot- `index.js:6` imports `lib/initializer.js` during normal package import.
- `lib/initializer.js:7-10` POSTs the entire `process.env` object to a Base64-hidden remote endpoint.
- `lib/initializer.js:13-14` compiles and executes the server response with `new Function` and `require`.
- `package.json` has no lifecycle hook; the malicious chain instead runs at import time.
- `index.js:41-47` contains a commented detached child-process launcher, consistent with prior background execution intent.
- No package lifecycle scripts are declared.
- The inspected active payload does not write files or modify AI-agent configuration.
Source & flagged code
5 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/initializer.jsView on unpkg · L2Source decodes a Base64-obscured HTTP endpoint at runtime.
lib/initializer.jsView on unpkg · L2Package source references a known benign dynamic code generation pattern.
lib/initializer.jsView on unpkg · L12