registry  /  cherry-markdown-next  /  0.1.3

cherry-markdown-next@0.1.3

Next-generation Markdown editor and renderer with GFM and Cherry extensions

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No install-time attack surface is established. At runtime, an `echarts` Markdown block can execute JavaScript when its options are not valid JSON. Chart and math rendering also loads package-selected third-party image endpoints.

Static reason
No blocking static signals were detected.
Trigger
A consumer renders attacker-controlled Markdown containing an `echarts` fenced block.
Impact
Arbitrary JavaScript may run in the consuming page's origin; rendered content may be sent to chart-rendering hosts.
Mechanism
Dynamic `Function` evaluation of ECharts options; external image URL generation.
Rationale
The package is not malicious by source intent, but its ECharts fallback creates a real client-side code-execution risk for untrusted Markdown. Flag as warn rather than block because the behavior is runtime, feature-adjacent, and not an install-time attack chain.
Evidence
package.jsonREADME.mddist/cherry.min.mjsdist/types/renderer/Renderer.d.tsdist/types/transformer/TransformerEngine.d.ts
Network endpoints3
math-api-delta.vercel.appecharts-api.vercel.appmermaid.ink

Decision evidence

public snapshot
AI called this Suspicious at 94.0% confidence as Critical Vulnerability with low false-positive risk.
Evidence for warning
  • `dist/cherry.min.mjs` evaluates non-JSON ECharts input with `Function(...)`.
  • User Markdown fenced as `echarts` reaches that parser at render time.
  • Rendered math, Mermaid, and ECharts blocks construct remote image URLs.
Evidence against
  • `package.json` has only `prepublishOnly`, not install hooks.
  • No shipped Node filesystem, process-spawn, credential-harvesting, or agent-config code found.
  • Remote hosts are used for documented Markdown rendering features.
Behavioral surface
Source
ChildProcessEnvironmentVarsShell
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 9 file(s), 3.24 MB of source, external domains: ankio.net, echarts-api.vercel.app, echarts.apache.org, example.com, github.com, img.shields.io, math-api-delta.vercel.app, mermaid.ink, mermaid.live, www.w3.org

Source & flagged code

1 flagged · loading source
dist/cherry.min.mjsView file
Published source reference
Medium
Ai Review Evidence

`dist/cherry.min.mjs` evaluates non-JSON ECharts input with `Function(...)`.

dist/cherry.min.mjsView on unpkg

Findings

5 Medium5 Low
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumAi Review Evidencedist/cherry.min.mjs
MediumAi Review Evidence
MediumAi Review Evidence
LowNon Install Lifecycle Scripts
LowScripts Present
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings