AI Security Review
scanned 2h ago · by lpm-firewall-aiUser running the CLI starts a stealth Electron overlay with watchdog persistence. On Windows it targets TestPad/exam windows, injects bundled unprotect.dll into protected processes, bypasses screen-capture protections, captures screen content, and sends screenshots/text to Groq for answers.
Decision evidence
public snapshot- dist/cli/index.js start spawns hidden daemon/guard and creates Windows scheduled task MicrosoftEdgeWebView2Update every minute
- dist/cli/index.js copies electron.exe to msedgewebview2.exe and rewrites metadata to Microsoft Edge WebView2
- cli/guard.cjs disguises process title as Windows Audio Device Graph Isolation and auto-restarts daemon
- desktop/dist/daemon.cjs runs ensureTestpadUnprotected on startup and every 5s
- desktop/resources/inject_dll.ps1 performs OpenProcess/VirtualAllocEx/WriteProcessMemory/CreateRemoteThread DLL injection
- desktop/resources/capture_testpad.ps1 says it bypasses SetWindowDisplayAffinity and captures TestPad/exam windows
- package.json has no npm lifecycle hooks, so behavior is not install-time
- network use is package-aligned Groq API request for AI overlay responses
- CLI exposes stop command and daemon has stop flag cleanup paths
Source & flagged code
8 flagged · loading sourceSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli/index.jsView on unpkg · L13Source writes installer persistence such as shell profile or service configuration.
dist/cli/index.jsView on unpkg · L13Source decrypts an embedded payload, writes it to disk, and executes it through a child process.
desktop/dist/daemon.cjsView on unpkgPackage source references a known benign dynamic code generation pattern.
desktop/dist/daemon.cjsView on unpkg · L2945Package ships native binary artifacts.
desktop/resources/unprotect.dllView on unpkgPackage ships non-JavaScript build or shell helper files.
desktop/resources/inject_dll.ps1View on unpkg