AI Security Review
scanned 3h ago · by lpm-firewall-aiThe runtime server provides HTTP(S) and WebSocket proxy endpoints whose target is supplied by the requester. It forwards selected browser credentials and accepts invalid TLS certificates. No install-time attack surface was found.
Static reason
No blocking static signals were detected.
Trigger
A client requests `/proxy?url=<http(s) URL>` or `/aura/proxy?url=<http(s) URL>`; WebSocket variants accept a supplied ws(s) URL.
Impact
Can enable SSRF/internal-network access or relay client cookies to attacker-controlled targets when the routes are reachable.
Mechanism
User-controlled reverse proxy with credential forwarding, HTML rewriting, and disabled TLS verification.
Rationale
The package is not overt malware, but its source contains a concrete user-controlled proxy capability with credential forwarding and TLS validation disabled. This warrants a warning rather than a block because it is runtime functionality, not malicious installation behavior.
Evidence
package.jsonmain.jslib/webExtension.jsio-package.json
Decision evidence
public snapshotAI called this Suspicious at 89.0% confidence as Critical Vulnerability with low false-positive risk.
Evidence for warning
- `main.js` exposes `/proxy` for requester-selected HTTP(S) URLs.
- `main.js` forwards cookies/CSRF headers and disables TLS certificate verification.
- `lib/webExtension.js` registers equivalent `/aura/proxy` and WebSocket proxy routes.
- Both proxy implementations strip framing/CSP-related response headers and rewrite HTML.
Evidence against
- `package.json` contains no preinstall/install/postinstall/prepare hooks.
- No child-process, eval/vm, credential harvesting, or covert fixed exfiltration was found in reviewed runtime sources.
- Calendar fetching in `main.js` is an explicit adapter state-driven feature.
Behavioral surface
ChildProcessEvalFilesystemNetwork
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
Source & flagged code
1 flagged · loading sourcewww/assets/echarts-Cv-_nZ52.jsView file
39`+g.message)}var n=new it;n.add(a),n.isGeoSVGGraphicRoot=!0;var i=e.width,o=e.height,s=e.viewBoxRect,l=this._boundingRect;if(!l){var u=void 0,f=void 0,v=void 0,h=void 0;if(i!=null?...
L40: `+i.message)}return o8(e,n),A(n,function(i){var o=i.name;l8(e,i),f8(e,i);var s=this._specialAreas&&this._specialAreas[o];s&&i.transformTo(s.left,s.top,s.width,s.height)},this),n},r...
L41: `))}),t.join(`
Low
Eval
Package source references a known benign dynamic code generation pattern.
www/assets/echarts-Cv-_nZ52.jsView on unpkg · L39Findings
2 Medium7 Low
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvalwww/assets/echarts-Cv-_nZ52.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings