AI Security Review
scanned 3h ago · by lpm-firewall-aiA network-reachable Aura server accepts caller-controlled HTTP(S) and WebSocket proxy targets. This creates an SSRF/open-proxy capability, but no source evidence shows intentional malware or credential harvesting.
Static reason
No blocking static signals were detected.
Trigger
A reachable client requests /proxy?url=... or /proxyws?url=... after the adapter starts its server.
Impact
An attacker able to access the Aura service can probe internal services or proxy traffic to arbitrary hosts.
Mechanism
Unrestricted user-controlled HTTP/WebSocket proxy with TLS verification disabled.
Rationale
The package is not shown to be malicious, but it ships a concrete high-risk unrestricted proxy capability. Treat it as a warning-level critical vulnerability rather than a publish-blocking malware verdict.
Evidence
package.jsonmain.jslib/webExtension.jsio-package.jsonadmin/jsonConfig.json
Decision evidence
public snapshotAI called this Suspicious at 93.0% confidence as Critical Vulnerability with low false-positive risk.
Evidence for warning
- main.js exposes /proxy for arbitrary http/https URLs without an allowlist.
- main.js exposes /proxyws for arbitrary ws/wss targets.
- Proxy disables TLS verification and can reach private/internal hosts.
- lib/webExtension.js registers equivalent unrestricted proxy routes.
Evidence against
- package.json has no preinstall, install, or postinstall hook.
- No child-process, eval, vm, or dynamic-loader use found in authored runtime files.
- Proxy behavior is documented as dashboard/mixed-content functionality, not covert exfiltration.
Behavioral surface
ChildProcessEvalFilesystemNetwork
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
Source & flagged code
1 flagged · loading sourcewww/assets/echarts-Cv-_nZ52.jsView file
39`+g.message)}var n=new it;n.add(a),n.isGeoSVGGraphicRoot=!0;var i=e.width,o=e.height,s=e.viewBoxRect,l=this._boundingRect;if(!l){var u=void 0,f=void 0,v=void 0,h=void 0;if(i!=null?...
L40: `+i.message)}return o8(e,n),A(n,function(i){var o=i.name;l8(e,i),f8(e,i);var s=this._specialAreas&&this._specialAreas[o];s&&i.transformTo(s.left,s.top,s.width,s.height)},this),n},r...
L41: `))}),t.join(`
Low
Eval
Package source references a known benign dynamic code generation pattern.
www/assets/echarts-Cv-_nZ52.jsView on unpkg · L39Findings
2 Medium7 Low
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvalwww/assets/echarts-Cv-_nZ52.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings