AI Security Review
scanned 2d ago · by lpm-firewall-aiRuntime HTTP(S)/WebSocket proxy endpoints accept caller-supplied destinations. This creates an SSRF-style capability and disables TLS validation in the web-extension proxy, but no malicious exfiltration or payload chain is present.
Static reason
No blocking static signals were detected.
Trigger
A user or reachable client requests `/proxy` or `/aura/proxy` with a target URL; adapter messages can request an adapter upgrade.
Impact
May reach network services accessible from the ioBroker host or invoke a validated adapter upgrade through the host controller.
Mechanism
User-directed proxying and ioBroker host command forwarding.
Rationale
Source inspection does not establish malicious behavior, but the exposed arbitrary proxy and host upgrade capability are meaningful unresolved security risks. Downgrade to warn rather than block.
Evidence
package.jsonmain.jslib/webExtension.jswww/assets/echarts-Cv-_nZ52.js
Decision evidence
public snapshotAI called this Suspicious at 85.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `main.js` exposes `/proxy` for arbitrary `http:`/`https:` URLs.
- `main.js` rewrites proxied HTML and injects WebSocket/XHR/fetch interceptors.
- `lib/webExtension.js` registers equivalent arbitrary HTTP(S) and WebSocket proxy routes.
- `lib/webExtension.js` sets `rejectUnauthorized: false` for proxied HTTPS.
- `main.js` forwards `upgrade <name>` through ioBroker host `cmdExec` after message input validation.
Evidence against
- `package.json` has no preinstall/install/postinstall lifecycle hook.
- No child-process import, shell execution, credential harvesting, or AI-agent control-surface write was found.
- Network behavior is implemented as dashboard calendar/proxy functionality, with no fixed exfiltration endpoint.
- Bundled frontend `eval`-like hits are library/UI code; no package payload execution chain was established.
Behavioral surface
ChildProcessEvalFilesystemNetwork
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
Source & flagged code
1 flagged · loading sourcewww/assets/echarts-Cv-_nZ52.jsView file
39`+g.message)}var n=new it;n.add(a),n.isGeoSVGGraphicRoot=!0;var i=e.width,o=e.height,s=e.viewBoxRect,l=this._boundingRect;if(!l){var u=void 0,f=void 0,v=void 0,h=void 0;if(i!=null?...
L40: `+i.message)}return o8(e,n),A(n,function(i){var o=i.name;l8(e,i),f8(e,i);var s=this._specialAreas&&this._specialAreas[o];s&&i.transformTo(s.left,s.top,s.width,s.height)},this),n},r...
L41: `))}),t.join(`
Low
Eval
Package source references a known benign dynamic code generation pattern.
www/assets/echarts-Cv-_nZ52.jsView on unpkg · L39Findings
2 Medium7 Low
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvalwww/assets/echarts-Cv-_nZ52.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings