AI Security Review
scanned 6d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a React workflow component library whose runtime HTTP requests target caller-configured workflow API endpoints.
Static reason
High-risk behavior combination matched malicious policy.
Trigger
Import and render WorkflowComponents or WorkflowViewerComponents; save/publish/viewer actions trigger API calls.
Impact
Workflow JSON may be sent to the configured backend or parent window during documented save/publish flows; no unconsented exfiltration found.
Mechanism
Package-aligned React UI with axios requests to configured workflow backend
Rationale
Static source inspection shows documented workflow-editor behavior, with network access controlled by the consumer-provided baseUrl and no lifecycle execution or hidden payload behavior. The scanner findings are attributable to bundled dependencies and documented runtime UI/API functionality rather than malware.
Evidence
package.jsonREADME.mddist/workflow-components.es.jsdist/workflow-components.umd.jsdist/mockServiceWorker.jsdist/index.d.ts
Decision evidence
public snapshotAI called this Clean at 92.0% confidence as Benign with low false-positive risk.
Evidence for block
- Runtime network calls exist via axios to consumer-provided baseUrl and relative /bpmn/* endpoints.
- Publish action posts workflow JSON to window.parent with target '*', only after user clicks publish.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks; main/module point to dist bundles.
- README documents workflow editor/viewer and the same baseUrl/customHeaders and /bpmn/* API usage found in dist/workflow-components.es.js.
- No child_process, shell execution, eval-based payload loading, credential harvesting, persistence, or destructive behavior found in package code.
- Scanner Trojan Source hint not confirmed: no bidi/invisible Unicode controls found in package.json, README.md, or dist bundles.
- dist/mockServiceWorker.js is standard MSW worker code and is not a package entrypoint.
Behavioral surface
ChildProcessEnvironmentVarsNetwork
HighEntropyStringsMinifiedUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcedist/workflow-components.es.jsView file
37607contains invisible/control Unicode U+200C (zero width non-joiner)
position: relative<U+200C>;
Critical
Trojan Source Unicode
Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/workflow-components.es.jsView on unpkg · L37607dist/workflow-components.umd.jsView file
•Trigger-reachable chain: manifest.main -> dist/workflow-components.umd.js
Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability
A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/workflow-components.umd.jsView on unpkgFindings
2 Critical3 Medium4 Low
CriticalTrojan Source Unicodedist/workflow-components.es.js
CriticalTrigger Reachable Dangerous Capabilitydist/workflow-components.umd.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings
LowNo License