AI Security Review
scanned 3h ago · by lpm-firewall-aiRunning the CLI starts a detached, self-respawning Electron watchdog disguised as a Windows process. The app covertly captures visible test content, sends it to AI services, and presents or types answers while evading proctoring and capture controls.
Decision evidence
public snapshot- `bin/kalamasha-tool.js` detaches a watchdog and respawns its child after termination.
- `bin/kalamasha-tool.js` copies Electron as `SearchFilterHost.exe` to evade Electron-targeted killing.
- `main.js` hides an always-on-top capture-excluded overlay and explicitly targets proctor evasion.
- `main.js` captures screen/UI text, submits prompts to Gemini or configured GAS, and injects returned answers.
- `main.js` spoofs browser identity and disables common automation/visibility signals.
- `bin/chrome_cookies.ps1` decrypts OpenAI/ChatGPT browser cookies, though no source reference invokes it.
- `package.json` postinstall only attempts to require Electron and does not invoke the launcher.
- No hard-coded third-party exfiltration URL was found; GAS routing requires user-supplied `gasUrl`.
- `bin/chrome_cookies.ps1` is not referenced by the inspected JavaScript source.
Source & flagged code
8 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references child process execution.
bin/kalamasha-tool.jsView on unpkg · L2Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
bin/kalamasha-tool.jsView on unpkg · L2Package source invokes a package manager install command at runtime.
bin/kalamasha-tool.jsView on unpkg · L67Package ships non-JavaScript build or shell helper files.
bin/chrome_cookies.ps1View on unpkg