AI Security Review
scanned 18h ago · by lpm-firewall-ai
No confirmed malicious attack surface. The package performs user-invoked database backup and restore operations with the expected local file and database mutation for that purpose.
Static reason
One or more suspicious static signals were detected; the diff against the previous stored version introduced dangerous source.
Trigger
User imports/calls exported function with database credentials, path, and download/upload mode.
Impact
Can modify local project files and database contents during explicit restore modes, but no unconsented install/import-time behavior was found.
Mechanism
Database backup/restore library with local zip extraction/creation and SQL schema/data operations.
Rationale
Static inspection shows dangerous primitives are aligned with an explicit database backup/restore package and are activated by user-provided runtime config, not install/import-time code. No exfiltration, remote code execution, persistence, or agent control-surface mutation was found.
Evidence
- package.json
- index.js
- functions.js
- filefunctions.js
- createbackup.js
- upload.js
- uploaddata.js
- links.js
- backupfiles/
- user-provided output zip path
- user-provided input zip path
- Old_files* in application root during full restore
Decision evidence
Public snapshot: AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json declares npm dependencies named after the Node built-ins fs, path and stream, but no lifecycle script executes them.
- upload.js can move project files to Old_files and restore files from a backup archive when user calls upload mode.
- functions.js/uploaddata.js contain DROP/TRUNCATE/DELETE helpers used for database restore modes.
Evidence against
- package.json has no preinstall/install/postinstall hooks and main is index.js only.
- No child_process, eval/Function, HTTP client, or exfiltration endpoints found by source search.
- Network use is limited to user-supplied MySQL/Postgres connections for backup/restore.
- File writes/deletes are package-aligned backup workspace/output operations or explicit restore behavior.
- No AI-agent control-surface writes, persistence hooks, credential harvesting, or remote payload loading found.
Behavioral surface
- Filesystem
- High Entropy Strings
Source & flagged code
2 flagged

package.json
- Runtime dependency names matching Node built-ins: fs, path, stream
High
Node Builtin Dependency Squat
Package declares a runtime dependency whose name matches a Node built-in module.
functions.js
- matchType = previous_version_dangerous_delta
  matchedPackage = dbbackuper@1.2.8
  matchedIdentity = npm:ZGJiYWNrdXBlcg:1.2.8
  similarity = 0.727
  summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
Findings
2 High, 3 Low
- High: Node Builtin Dependency Squat (package.json)
- High: Previous Version Dangerous Delta (functions.js)
- Low: Scripts Present
- Low: Filesystem
- Low: High Entropy Strings