AI Security Review
scanned 10d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is an obfuscated AI coding CLI with powerful user-invoked tools, but inspected behavior matches the documented product.
Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs dskcode CLI commands such as chat, setup, stock, or game.
Impact
Can modify project files, execute shell commands, and call configured network APIs when used as intended.
Mechanism
User-invoked AI coding agent with file, shell, fetch, config, and DeepSeek API features
Rationale
Static inspection found substantial obfuscation and powerful agent primitives, but they are user-invoked, documented, and aligned with an AI coding CLI. No install-time execution, hidden exfiltration, persistence, destructive behavior, or unconsented agent-control mutation was confirmed.
Evidence
package.jsonREADME.mddist/index.jsdist/chunk-CV3ZB5VV.jsdist/permissions-loader-EUH55CUD.js~/.dskcode/settings.json.dskcode/settings.json
Network endpoints1
api.deepseek.com
Decision evidence
public snapshotAI called this Clean at 74.0% confidence as Benign with medium false-positive risk.
Evidence for block
- dist/index.js and chunks are heavily obfuscated, including string-array decoders.
- dist/index.js exposes user-invoked AI agent tools for read/write/edit/delete, bash, fetch, and project scanning.
- dist/index.js can write ~/.dskcode/settings.json and project .dskcode/settings.json during setup/config flows.
Evidence against
- package.json has no install/postinstall hook; prepublishOnly is publisher-side only.
- dist/index.js is the declared CLI bin and top-level execution is commander CLI startup, not install-time execution.
- Network use is package-aligned DeepSeek API access with user API key/config.
- README.md documents the same AI coding agent, file, shell, fetch, permissions, and setup behavior.
- No source evidence of credential harvesting, hidden exfiltration, persistence, or AI-agent control-surface mutation outside user-invoked CLI flows.
Behavioral surface
Network
HighEntropyStringsMinified
Source & flagged code
2 flagged · loading sourcedist/chunk-CV3ZB5VV.jsView file
1(function(d,e){function ai(d,e,f,g){return b(g-0xde,d);}function ah(d,e,f,g){return b(d-0x3c9,g);}const f=d();while(!![]){try{const g=-parseInt(ah(0x599,0x553,0x5ee,0x5cb))/(-0x1b4...
High
Obfuscated Payload Loader
Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/chunk-CV3ZB5VV.jsView on unpkg · L1dist/index.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = dskcode@0.1.42
matchedIdentity = npm:ZHNrY29kZQ:0.1.42
similarity = 0.667
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.jsView on unpkgFindings
1 Critical1 High2 Medium3 Low
CriticalPrevious Version Dangerous Deltadist/index.js
HighObfuscated Payload Loaderdist/chunk-CV3ZB5VV.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowHigh Entropy Strings