AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. Risky primitives are tied to explicit CLI workflows for a code distribution tool rather than install-time or import-time behavior.
Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User explicitly runs datpath CLI commands such as login, init, pull, env, install, or node api_manager.js submit.
Impact
Can write datpath config/masterkey files and optional shell profile lines, and can send user-selected package data to configured or datpath service endpoints.
Mechanism
User-invoked CLI network operations, local datpath config storage, and optional shell prompt integration.
Rationale
Static inspection found suspicious primitives, but they are activated by documented/user-invoked CLI commands and align with the package's stated code-distribution and server-management purpose. There is no lifecycle execution, import-time execution, hidden credential collection, or unconsented persistence/exfiltration sufficient to classify datpath@1.0.5 as malicious.
Evidence
package.jsonsrc/index.jssrc/config.jssrc/api.jssrc/keychain.jsbin/jsapi.jsapi_manager.jstest_crypto.js~/.datpath/config.json~/.datpath/.masterkey~/.datpath/.masterkey.dpapi~/.bashrc~/.zshrc~/Documents/WindowsPowerShell/Microsoft.PowerShell_profile.ps1~/Documents/PowerShell/Microsoft.PowerShell_profile.ps1./jsapi_modules/<packageName>/<server-provided files>
Network endpoints3
${serverUrl}/remote/cli/requestapi-vip1.datpath.com/v2/codeup/default/0/jsapi/signature/checkapi-vip1.datpath.com/v2/codeup/default/0/jsapi/snapshot/push
Decision evidence
public snapshotAI called this Clean at 82.0% confidence as Benign with medium false-positive risk.
Evidence for block
- api_manager.js has a hardcoded AES key and can upload selected .md package content to https://api-vip1.datpath.com when run manually.
- bin/jsapi.js init command appends shell integration to ~/.bashrc, ~/.zshrc, or PowerShell profile.
- src/keychain.js uses execSync for OS credential-store commands, scoped to datpath master key storage.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle scripts.
- src/index.js only exports modules; no import-time network, shell, or profile mutation.
- bin/jsapi.js profile writes require explicit `datpath init`; network actions require explicit CLI commands and login.
- src/api.js sends encrypted command objects only to user-configured serverUrl /remote/cli/request.
- src/config.js stores datpath credentials under ~/.datpath/config.json with local encryption/migration logic.
- No credential harvesting, hidden exfiltration, persistence at install time, destructive behavior, or AI-agent control-surface writes found.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
4 flagged · loading sourcetest_crypto.jsView file
3patternName = generic_password
severity = medium
line = 3
matchedText = const pa...Xk="
Medium
api_manager.jsView file
10*/
L11: const axios = require("axios")
L12: const fs = require("fs")
L13: const path = require("path")
L14: const FormData = require("form-data")
L15: const crypto = require('crypto');
...
L44: let param = parseParam(args);
L45: // 解码 Base64 密钥
L46: function aesEncrypt(data, key) {
Low
Weak Crypto
Package source references weak cryptographic algorithms.
api_manager.jsView on unpkg · L10bin/jsapi.jsView file
6const path = require("path")
L7: const pkg = require("../package.json")
L8: const config = require("../src/config")
...
L13: input: process.stdin,
L14: output: process.stdout,
L15: })
...
L31: rl.close()
L32: process.stdout.write("\n")
L33: resolve(answer)
...
L219: .command("init [shell]")
L220: .description("初始化 shell 集成,提示符显示当前服务器 (自动检测或指定 powershell/bash/zsh)")
L221: .action((shell) => {
Medium
Install Persistence
Source writes installer persistence such as shell profile or service configuration.
bin/jsapi.jsView on unpkg · L6src/config.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = datpath@1.0.3
matchedIdentity = npm:ZGF0cGF0aA:1.0.3
similarity = 0.714
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version.
src/config.jsView on unpkgFindings
1 Critical4 Medium5 Low
CriticalPrevious Version Dangerous Deltasrc/config.js
MediumSecret Patterntest_crypto.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencebin/jsapi.js
LowScripts Present
LowWeak Cryptoapi_manager.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings