registry  /  hn-workflow-components  /  1.0.8

hn-workflow-components@1.0.8

一个基于 React + TypeScript 的可视化工作流编排组件库,提供工作流编辑器与执行进度查看器两种模式。

AI Security Review

scanned 6d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a React workflow editor/viewer that performs user-invoked workflow API calls to a consumer-configured backend.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
Importing/rendering components and clicking save/publish or loading viewer data.
Impact
No evidence of credential theft, persistence, destructive behavior, or unsolicited external exfiltration.
Mechanism
package-aligned React UI with axios workflow API calls
Rationale
Static inspection shows risky primitives are aligned with documented workflow component behavior and require runtime use of the UI with a caller-provided backend. No install-time execution, hidden host, harvesting, shell execution, or AI-agent control-surface mutation was found.
Evidence
package.jsonREADME.mddist/workflow-components.es.jsdist/workflow-components.umd.jsdist/mockServiceWorker.jsdist/index.d.ts

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
  • dist/workflow-components.es.js uses axios at runtime against caller-provided baseUrl for workflow APIs.
  • dist/workflow-components.es.js uses localStorage key startNode and window.parent.postMessage on publish.
Evidence against
  • package.json has no install/preinstall/postinstall/prepare lifecycle hooks.
  • Entrypoints are React component bundles exporting WorkflowComponents and WorkflowViewerComponents.
  • Network calls are documented workflow backend paths in README.md and use caller-supplied baseUrl/customHeaders, not a hardcoded exfiltration host.
  • No child_process/fs/native loading/credential harvesting patterns found in inspected package source.
  • Bidi/invisible Unicode search over entrypoints found no matches despite scanner hint.
  • dist/mockServiceWorker.js is the standard MSW worker and only proxies active mock clients.
Behavioral surface
Source
ChildProcessEnvironmentVarsNetwork
Supply chain
HighEntropyStringsMinifiedUrlStrings
Manifest
NoLicense
scanned 3 file(s), 2.08 MB of source, external domains: ant.design, bit.ly, github.com, redux-toolkit.js.org, redux.js.org, styled-components.com, u.ant.design, www.styled-components.com, www.w3.org

Source & flagged code

2 flagged · loading source
dist/workflow-components.es.jsView file
37606contains invisible/control Unicode U+200C (zero width non-joiner) position: relative<U+200C>;
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

dist/workflow-components.es.jsView on unpkg · L37606
dist/workflow-components.umd.jsView file
Trigger-reachable chain: manifest.main -> dist/workflow-components.umd.js Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/workflow-components.umd.jsView on unpkg

Findings

2 Critical3 Medium4 Low
CriticalTrojan Source Unicodedist/workflow-components.es.js
CriticalTrigger Reachable Dangerous Capabilitydist/workflow-components.umd.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings
LowNo License