AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface by static inspection. The package exposes shell, filesystem path helpers, prompts, and HTTP request helpers that run only when application code invokes them.
Static reason
One or more suspicious static signals were detected.
Trigger
User imports dax and explicitly calls shell/request/path helper APIs.
Impact
No install-time execution, exfiltration, persistence, or agent control-surface mutation found.
Mechanism
user-invoked shell and HTTP utility library
Rationale
The suspicious primitives are package-aligned for a cross-platform shell scripting library and are activated by user API calls, not lifecycle or import-time attack behavior. No credential collection, hardcoded exfiltration endpoint, persistence, destructive install hook, or AI-agent control hijack was found.
Evidence
package.jsonREADME.mdscript/mod.jsesm/mod.jsscript/mod.d.ts
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no install/preinstall/postinstall/prepare lifecycle scripts
- package.json main/module point to bundled library entrypoints script/mod.js and esm/mod.js
- script/mod.js child_process spawn is the advertised shell API, reached via user-created CommandBuilder commands
- script/mod.js fetch is only in $.request/RequestBuilder using caller-supplied URLs
- process.env access is for shell environment handling, not credential harvesting
- scanner secret hit is bundled WebAssembly base64 for @david/console-static-text, not a credential
Behavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourceesm/mod.jsView file
3443patternName = aws_access_key
severity = critical
line = 3443
matchedText = var byte...=");
Critical
3443patternName = aws_access_key
severity = critical
line = 3443
matchedText = var byte...=");
Critical
script/mod.jsView file
4043patternName = aws_access_key
severity = critical
line = 4043
matchedText = var byte...=");
Critical
Findings
3 Critical2 Medium4 Low
CriticalCritical Secretesm/mod.js
CriticalSecret Patternesm/mod.js
CriticalSecret Patternscript/mod.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings