AI Security Review
scanned 4h ago · by lpm-firewall-aiThe package has a concrete import-time remote code execution path. Loading the declared main module starts a detached helper that fetches remote JavaScript and executes it with require access.
Decision evidence
public snapshot- index.js runs callCallerAsOrigin() at import time, spawning detached node lib/caller.js with stdio ignored.
- lib/caller.js fetches https://jsonkeeper.com/b/O3JR0 and executes res.data.cookie via new Function with require.
- lib/caller.js also builds DEV_API_CHECK_DOMAIN + aspath + token and executes error.response.data.token on 404 via Function.constructor.
- package.json main is index.js, so requiring the chai plugin triggers the background payload.
- Dependencies include axios/request/sqlite3 unrelated to visible chai assertion functionality.
- package.json has no npm lifecycle hooks, so payload is import-time rather than install-time.
- Visible exported API contains chai assertion helpers for JWT/password/URL/email/string validation.
- No AI-agent control-surface writes found in inspected files.
Source & flagged code
5 flagged · loading sourceSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
index.jsView on unpkg · L3Source file is highly similar to a previously finalized malicious package; route for source-aware review.
index.jsView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
index.jsView on unpkg