AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The only network primitive is a user-click image download for a rendered URL; package behavior is UI rendering and host callbacks.
Static reason
High-risk behavior combination matched malicious policy.
Trigger
User clicks a rendered image download control.
Impact
Downloads user-visible rendered content; no credential or local-file access is established.
Mechanism
Fetches the displayed image URL into a browser download.
Rationale
Direct inspection shows a bundled React chat UI with no install-time execution or concrete malicious chain. The scanner's Unicode finding is attributable to bundled rendering/parser data and markdown handling, not concealed executable behavior.
Evidence
package.jsondist/index.jsdist/index-IhZ10FMM.jsREADME.mddist/highlighted-body-OFNGDK62-DLVlqymP.jsdist/mermaid-GHXKKRXX-DoI1IwCE.js
Decision evidence
public snapshotAI called this Clean at 97.0% confidence as Benign with medium false-positive risk.
Evidence for block
- dist/index-IhZ10FMM.js contains bidi controls, but inside bundled parser/entity data.
- dist/index-IhZ10FMM.js fetches an image URL only from a rendered image download click.
Evidence against
- package.json has no preinstall, install, postinstall, or prepare hook.
- dist/index.js is a React UI export bundle with host-provided callbacks for send, upload, and actions.
- No child-process, filesystem, eval, credential harvesting, or persistence APIs were found.
- Dynamic imports load only local rendering chunks and flare-canvas-ui.
- No hard-coded external network endpoint or exfiltration path was found.
Behavioral surface
ChildProcessEnvironmentVarsNetwork
HighEntropyStringsTelemetryUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcedist/index-IhZ10FMM.jsView file
2333contains invisible/control Unicode U+202A (left-to-right embedding)
/* @__PURE__ */ 'ᵁ<Õıʊҝջאٵ۞ޢߖࠏઑඡ༉༦ረዡᐕᒝᓃᓟᔥ\0\0\0\0\0\0ᕫᛍᦍᰒᷝ<U+2060>↰⊍⏀⏻⑂⠤⤒ⴈ⹈⿎〖㊺㘹㞬㣾㨨㩱㫠㬮ࠀEMabcfglmnoprstu\\bfms¦³¹ÈÏlig耻Æ䃆P耻&䀦cute耻Á䃁reve;䄂Āiyx}rc耻Â䃂;䐐r;쀀𝔄rave耻À䃀pha;䎑acr;䄀d;橓Āgp¡on;䄄f;쀀𝔸plyFunction;恡ing耻Å䃅Ācs¾Ãr;쀀𝒜ign;扔ilde耻Ã䃃ml耻
Critical
Trojan Source Unicode
Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/index-IhZ10FMM.jsView on unpkg · L2333•Trigger-reachable chain: manifest.main -> dist/index.js -> dist/index-IhZ10FMM.js
Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability
A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/index-IhZ10FMM.jsView on unpkgFindings
2 Critical3 Medium5 Low
CriticalTrojan Source Unicodedist/index-IhZ10FMM.js
CriticalTrigger Reachable Dangerous Capabilitydist/index-IhZ10FMM.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings
LowNo License