registry  /  dax  /  0.48.5

dax@0.48.5

Cross platform shell tools inspired by zx.

AI Security Review

scanned 7d ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The risky primitives are package-aligned shell, filesystem, environment, and request APIs activated by consumer code.

Static reason
One or more suspicious static signals were detected.
Trigger
User imports dax and explicitly calls shell, path, env, or request APIs.
Impact
No automatic install-time/import-time execution, exfiltration, persistence, or AI-agent control-surface mutation found.
Mechanism
User-invoked scripting utility library primitives
Rationale
dax@0.48.5 is a scripting library whose network, env, filesystem, and child_process references implement documented user-invoked functionality. Static inspection found no lifecycle hook, top-level payload execution, credential exfiltration, persistence, or unconsented agent-control mutation.
Evidence
package.jsonREADME.mdscript/mod.jsesm/mod.js

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
  • script/mod.js bundles shell, filesystem, env, and fetch capabilities that are powerful if invoked by a consumer.
Evidence against
  • package.json has no preinstall/install/postinstall/prepare lifecycle hooks.
  • package.json entrypoints are ./script/mod.js and ./esm/mod.js only; no bin or install runner.
  • script/mod.js child_process usage is inside exported shell command execution paths, not top-level import execution.
  • script/mod.js makeRequest calls fetch only after a user supplies a URL through the request builder.
  • README.md describes dax as a cross-platform shell/request/prompt library and shows explicit user-invoked APIs.
  • Search found no agent control-surface files, persistence hooks, credential harvesting, or hardcoded exfiltration endpoint.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 1.36 MB of source, external domains: github.com

Source & flagged code

3 flagged · loading source
esm/mod.jsView file
3443patternName = aws_access_key severity = critical line = 3443 matchedText = var byte...=");
Critical
Critical Secret

Package contains a critical-looking secret pattern.

esm/mod.jsView on unpkg · L3443
3443patternName = aws_access_key severity = critical line = 3443 matchedText = var byte...=");
Critical
Secret Pattern

AWS access key ID in esm/mod.js

esm/mod.jsView on unpkg · L3443
script/mod.jsView file
4043patternName = aws_access_key severity = critical line = 4043 matchedText = var byte...=");
Critical
Secret Pattern

AWS access key ID in script/mod.js

script/mod.jsView on unpkg · L4043

Findings

3 Critical2 Medium4 Low
CriticalCritical Secretesm/mod.js
CriticalSecret Patternesm/mod.js
CriticalSecret Patternscript/mod.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings