AI Security Review
scanned 3h ago · by lpm-firewall-aiThe adapter runtime exposes arbitrary outbound HTTP(S) and WebSocket proxy endpoints. This is a documented feature, but source lacks destination allowlisting and disables upstream TLS certificate verification.
Static reason
No blocking static signals were detected.
Trigger
A network client requests `/proxy?url=...` or the extension proxy route.
Impact
May enable SSRF/internal-service access and send selected inbound headers to an attacker-chosen target.
Mechanism
Unrestricted server-side proxying of caller-selected destinations.
Rationale
The package appears functionally aligned with an ioBroker dashboard, but its unrestricted proxy routes create a source-confirmed security exposure. No malicious install-time, exfiltration, persistence, or agent-control behavior was found.
Evidence
package.jsonREADME.mdmain.jslib/webExtension.jsio-package.json
Decision evidence
public snapshotAI called this Suspicious at 91.0% confidence as Critical Vulnerability with medium false-positive risk.
Evidence for warning
- `main.js` exposes `/proxy` for arbitrary `http:`/`https:` URLs without a hostname allowlist.
- `main.js` proxies client-selected targets with `rejectUnauthorized: false` and forwards selected request headers.
- `lib/webExtension.js` registers equivalent arbitrary HTTP and WebSocket proxy routes.
Evidence against
- `package.json` has no `preinstall`, `install`, or `postinstall` lifecycle hook.
- README documents the server and iframe proxy as package functionality.
- No child-process execution, credential harvesting, AI-agent control writes, persistence, or hard-coded exfiltration endpoint found in inspected source.
Behavioral surface
ChildProcessEvalFilesystemNetwork
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
Source & flagged code
1 flagged · loading sourcewww/assets/echarts-Cv-_nZ52.jsView file
39`+g.message)}var n=new it;n.add(a),n.isGeoSVGGraphicRoot=!0;var i=e.width,o=e.height,s=e.viewBoxRect,l=this._boundingRect;if(!l){var u=void 0,f=void 0,v=void 0,h=void 0;if(i!=null?...
L40: `+i.message)}return o8(e,n),A(n,function(i){var o=i.name;l8(e,i),f8(e,i);var s=this._specialAreas&&this._specialAreas[o];s&&i.transformTo(s.left,s.top,s.width,s.height)},this),n},r...
L41: `))}),t.join(`
Low
Eval
Package source references a known benign dynamic code generation pattern.
www/assets/echarts-Cv-_nZ52.jsView on unpkg · L39Findings
2 Medium7 Low
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvalwww/assets/echarts-Cv-_nZ52.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings