AI Security Review
scanned 8h ago · by lpm-firewall-aiNo confirmed malicious attack surface was found. The package is a create-* CLI that writes Zenith CMS scaffold files only after the user runs the bin command.
Static reason
One or more suspicious static signals were detected.
Trigger
User runs create-zenithcms-app [directory]
Impact
Creates application template files in the chosen project directory; no exfiltration or persistence observed.
Mechanism
local project scaffolding with fs.writeFileSync and generated random secrets
Rationale
Static inspection shows package-aligned scaffolding behavior activated by the CLI, with no install-time execution, credential harvesting, network exfiltration, persistence, or AI-agent control-surface mutation. Scanner secret/env hits are template documentation or locally generated development secrets, not malicious payloads.
Evidence
package.jsondist/index.js<target>/package.json<target>/src/server.ts<target>/src/collections/Users.ts<target>/src/zenith.config.ts<target>/tsconfig.json<target>/.env<target>/.gitignore<target>/tests/config.test.ts<target>/docker-compose.yml<target>/README.md<target>/docs/API.md<target>/docs/ARCHITECTURE.md<target>/docs/FEATURES.md<target>/docs/DEPLOYMENT.md<target>/docs/PLUGINS.md
Decision evidence
public snapshotAI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has bin only and no npm lifecycle scripts
- dist/index.js is a user-invoked scaffolding CLI that creates a new project directory
- Generated .env secrets use crypto.randomBytes locally, not embedded real credentials
- No child_process, eval, dynamic import/require, network requests, or native/binary loading found
- process.env references are inside generated app templates/docs, not harvested from the reviewer or installer environment
- No writes to AI-agent control surfaces, shell startup files, VCS hooks, or persistence locations
Behavioral surface
CryptoEnvironmentVarsFilesystem
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
5 flagged · loading sourcedist/index.jsView file
614patternName = aws_access_key
severity = critical
line = 614
matchedText = AWS_ACCE...MPLE
Critical
614patternName = aws_access_key
severity = critical
line = 614
matchedText = AWS_ACCE...MPLE
Critical
615patternName = aws_secret_key
severity = critical
line = 615
matchedText = AWS_SECR...EKEY
Critical
833patternName = stripe_live_secret
severity = critical
line = 833
matchedText = STRIPE_S...xxxx
Critical
834patternName = stripe_webhook_secret
severity = high
line = 834
matchedText = STRIPE_W...xxxx
High
Findings
4 Critical1 High1 Medium5 Low
CriticalCritical Secretdist/index.js
CriticalSecret Patterndist/index.js
CriticalSecret Patterndist/index.js
CriticalSecret Patterndist/index.js
HighSecret Patterndist/index.js
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License