registry  /  cogito-client  /  1.0.71

cogito-client@1.0.71

This template provides a minimal setup to get React working in Vite with HMR and some ESLint rules.

AI Security Review

scanned 9d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a React/LiveKit client library that communicates with caller-provided Cogito/LiveKit endpoints during user-invoked chat or voice connection flows.

Static reason
One or more suspicious static signals were detected.
Trigger
Consumer imports useCogito and application calls connect/sendMessage/voice methods.
Impact
Expected network, localStorage conversation ID persistence, and optional microphone/audio behavior for the client library; no unauthorized install/import-time action identified.
Mechanism
User-invoked WebRTC chat client behavior
Rationale
Static inspection shows expected client-side networking and media APIs for a LiveKit-based React chat package, activated by exported hook methods and caller-supplied server values. There is no lifecycle execution, hardcoded exfiltration endpoint, credential/file harvesting, shell execution, or persistence beyond browser localStorage conversation IDs.
Evidence
package.jsondist/index.jsdist/index.umd.cjsdist/index.d.tsREADME.md
Network endpoints3
${server}/api/chat/tokenreturned serverURL / LiveKit WebSocket URLLiveKit region /regions endpoint derived from caller URL

Decision evidence

public snapshot
AI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
  • dist/index.js exports React hook useCogito that posts to `${server}/api/chat/token` and connects to returned LiveKit serverURL when app code calls connect.
  • dist/index.js stores/removes only a conversationId key in browser localStorage and may enable microphone/attach audio when voice mode is used.
  • Bundled LiveKit code contains WebSocket/fetch/getUserMedia primitives, but they are runtime communication features for WebRTC clients.
Evidence against
  • package.json has no preinstall/install/postinstall/prepare lifecycle hooks.
  • Entrypoints are dist/index.js and dist/index.umd.cjs; import-time code is library initialization/export setup, not network or filesystem execution.
  • No child_process, filesystem access, credential harvesting, destructive behavior, persistence, or AI-agent control-surface writes found.
  • Network destinations are caller-provided server URLs or LiveKit-derived region URLs, not hardcoded exfiltration hosts.
  • Secret-pattern hits are schema/protocol field names such as token, refresh_token, turn_password, not embedded secrets.
Behavioral surface
Source
ChildProcessEnvironmentVarsNetworkWebSocket
Supply chain
HighEntropyStringsMinifiedProtestwareUrlStrings
Manifest
NoLicense
scanned 2 file(s), 1.02 MB of source, external domains: aomediacodec.github.io

Source & flagged code

1 flagged · loading source
dist/index.umd.cjsView file
12patternName = generic_password severity = medium line = 12 matchedText = `},e.par...+`\r
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/index.umd.cjsView on unpkg · L12

Findings

4 Medium4 Low
MediumSecret Patterndist/index.umd.cjs
MediumNetwork
MediumEnvironment Vars
MediumProtestware
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings
LowNo License