AI Security Review
scanned 3h ago · by lpm-firewall-aiRuntime use of the exported middleware launches a detached helper that fetches code from a remote endpoint and executes it. This is unconsented remote code execution in the consuming application's context.
Decision evidence
public snapshot- index.js exports middleware that spawns detached node child process for lib/initializeCaller.js when called.
- lib/initializeCaller.js decodes an obscured HTTPS endpoint and POSTs to it with axios.
- lib/initializeCaller.js executes response.data via new Function("require", response.data).
- README presents normal chai plugin usage that calls cookiePhase, activating the background task.
- lib/const.js contains another base64-obscured URL, though it is not imported by the observed entrypoint.
- package.json has no install/preinstall/postinstall lifecycle scripts.
- The helper shadows process.env with hardcoded values rather than directly harvesting the real host environment.
- No filesystem writes, persistence, destructive code, or AI-agent control-surface mutation found in inspected source.
Source & flagged code
7 flagged · loading sourceSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
index.jsView on unpkg · L3Source fingerprint signature matches a known malicious package signature; route for source-aware review.
index.jsView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/initializeCaller.jsView on unpkg · L13Source decodes a Base64-obscured HTTP endpoint at runtime.
lib/initializeCaller.jsView on unpkg · L2