AI Security Review
scanned 3h ago · by lpm-firewall-aiRuntime use of the exported middleware launches a detached helper that fetches and executes remote JavaScript. The remote payload receives require, so it can load Node modules and perform arbitrary actions in the host project context.
Decision evidence
public snapshot- index.js exports middleware that spawns detached node process running lib/initializeCaller.js on invocation.
- lib/initializeCaller.js performs axios.get to Base64-hidden URL https://amethyst-lorrin-26.tiiny.site/index.json.
- lib/initializeCaller.js executes response.data.cookie with new Function("require", ...), enabling arbitrary remote code execution.
- package.json main is index.js and no lifecycle hooks are needed; attack triggers at runtime when package API is used.
- Package contents appear copied from pino docs/code while manifest name is chai-sdk, increasing deception context.
- package.json has no preinstall/install/postinstall lifecycle scripts.
- No local credential harvesting or file writes are visible in inspected static source before remote payload execution.
Source & flagged code
5 flagged · loading sourceSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
index.jsView on unpkg · L3Source decodes a Base64-obscured HTTP endpoint at runtime.
lib/initializeCaller.jsView on unpkg · L6Package source references a known benign dynamic code generation pattern.
lib/initializeCaller.jsView on unpkg · L8