AI Security Review
scanned 1d ago · by lpm-firewall-ai
No confirmed malicious attack surface. The package provides user-invoked MySQL backup and restore behavior with local filesystem staging and caller-configured database connections.
Static reason
One or more suspicious static signals were detected.
Trigger
Caller imports the module and invokes exported function with database credentials, path, and upload/download mode.
Impact
Can read database rows into local backup files, create zip archives, and restore/move project files when explicitly requested; no evidence of unconsented exfiltration or install-time execution.
Mechanism
User-directed database backup/restore and local zip staging
Rationale
Static source inspection shows risky but package-aligned backup/restore primitives activated by explicit runtime calls, not by installation or import. The builtin-named dependencies are suspicious packaging hygiene issues, but source inspection found no concrete malicious behavior or exfiltration endpoint.
Evidence
- package.json
- index.js
- createbackup.js
- upload.js
- filefunctions.js
- functions.js
- links.js
- ./backupfiles
- caller-supplied backup zip/output path
- application root during full backup/restore
Network endpoints (1)
- caller-supplied database host/port
Decision evidence
public snapshot: AI called this Clean at 87.0% confidence as Benign with medium false-positive risk.
Evidence for block
- package.json declares deprecated/builtin-named deps fs/path/stream, a suspicious packaging signal.
- upload.js can move project files during full restore and clean/replace database tables, but only when caller invokes upload mode.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks and main is index.js.
- index.js exports a function; no import-time backup, restore, shell, or network action found.
- Network activity is database connections via mysql2/pg to caller-supplied host/port, aligned with backup/restore purpose.
- createbackup.js writes local ./backupfiles and backup zip; no remote exfiltration endpoint found.
- rg found no child_process, eval/vm/Function, dynamic remote loading, persistence, or AI-agent control-surface writes.
Behavioral surface
- Filesystem
- High Entropy Strings
Source & flagged code
1 flagged · package.json
- Runtime dependency names matching Node built-ins: fs, path, stream
High · Node Builtin Dependency Squat
Package declares a runtime dependency whose name matches a Node built-in module.
Findings
1 High, 3 Low
- High: Node Builtin Dependency Squat (package.json)
- Low: Scripts Present
- Low: Filesystem
- Low: High Entropy Strings