AI Security Review
scanned 3d ago · by lpm-firewall-aiNo unconsented install-time or import-time attack behavior was confirmed. User-invoked login helpers can transmit credentials to the selected API endpoint, and startup login checks npm for updates without installing by default.
Static reason
One or more suspicious static signals were detected.
Trigger
Calling `login()` performs the update check; calling exported `loginViaAPI()` submits supplied credentials; enabling `remoteControl` opens its configured WebSocket.
Impact
No confirmed stealth persistence, remote payload execution, destructive action, or automatic credential exfiltration outside invoked features.
Mechanism
documented Messenger authentication, optional update check, and opt-in remote WebSocket client
Rationale
The flagged primitives are tied to documented, caller-invoked Messenger features or an update check with installation disabled by default. Source inspection found no lifecycle hook, stealth execution chain, broad file harvesting, or unconsented persistence.
Evidence
package.jsondist/cjs.cjsdist/index.jsREADME.mdfca-uzair.example.jsonfca-uzair.jsonUzair_Database
Network endpoints3
registry.npmjs.org/fca-uzair-rajput-developer/latestuzair.site/api/v1/facebook/login_iosminhdong.site/api/v1/facebook/login_ios
Decision evidence
public snapshotAI called this Clean at 90.0% confidence as Benign with medium false-positive risk.
Evidence for block
- `dist/index.js` exports `loginViaAPI`, which POSTs supplied Facebook credentials to a configured external API.
- `login()` runs an npm registry version check; installation is disabled by default.
- `remoteControl` can open a WebSocket only when explicitly enabled with a URL.
Evidence against
- `package.json` has no preinstall, install, or postinstall hooks.
- `dist/cjs.cjs` only loads and validates exports; import-time code does not execute a payload.
- Credential API and remote-control behavior are documented in `README.md`.
- The updater uses `execFile` only if `checkUpdate.install` is explicitly enabled; default is false.
- Filesystem writes are limited to explicit config/app-state/database features in the caller's working directory.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShellWebSocket
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/index.jsView file
12820return new Promise((resolve, reject) => {
L12821: (0, import_node_child_process.execFile)(npmCommand, ["i", dependency], { cwd: process.cwd() }, (error, _stdout, stderr) => {
L12822: if (error) {
High
36Cross-file remote execution chain: dist/index.js spawns dist/index.mjs; helper contains network access plus dynamic code execution.
L36: // src/func/logger.ts
L37: function writeStdout(message) {
L38: process.stdout.write(`${message}
L39: `);
...
L55: function getTheme() {
L56: const fromEnv = String(process.env.FCA_LOG_THEME || "").toLowerCase();
L57: if (fromEnv === "minimal") return "minimal";
...
L135: const parts2 = parseLabel(message, "READY");
L136: const bodyOut2 = parts2.label === "READY" ? formatSuccessBody(parts2.body, grad, styles.text) : grad ? grad.coolStatus(parts2.body) : styles.text(parts2.body);
L137: const labelOut2 = grad ? grad.coolStatus(padLabel(parts2.label)) : styles.text(padLabel(parts2.label));
...
L1525: const ua = options?.userAgent || "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36";
L1526: const referer = options?.referer || "https://www.facebook.com/";
High
Cross File Remote Execution Context
Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L36Findings
3 High2 Medium4 Low
HighChild Processdist/index.js
HighShell
HighCross File Remote Execution Contextdist/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings