AI Security Review
Scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The install hook is a package-aligned scaffold sync that may update src/editor.html in a consuming Kinetik project, and runtime dynamic imports are game scripting features.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall; explicit CLI/init; runtime game level loading
Impact
project editor template may be refreshed; app-provided game scripts may execute in browser context
Mechanism
bundled scaffold copy and browser game script loading
Rationale
Source inspection shows the suspicious primitives are aligned with a Three.js game engine/scaffolder and do not perform exfiltration, persistence, lifecycle shell execution, or foreign AI-agent control-surface mutation. The postinstall write is narrow to a project editor template when a src directory exists, so it does not justify a block or warning under the provided policy.
Evidence
- package.json
- sync-generated-editor-html.js
- scriptManager.js
- bin/create-kinetik-app.js
- init.js
- networking.js
- src/editor.html
- scaffold/src/editor.html
Decision evidence
Public snapshot: AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- postinstall runs sync-generated-editor-html.js and can write src/editor.html in installer project when src/ exists
Evidence against
- postinstall copies only package scaffold/src/editor.html into project src/editor.html; no agent/control-surface files or persistence
- sync-generated-editor-html.js uses INIT_CWD/package paths only and has no network, shell, credential, or env harvesting beyond INIT_CWD
- scriptManager.js dynamic import loads browser game scripts from level/userData paths at runtime, package-aligned extensibility
- bin/create-kinetik-app.js and init.js scaffold a Kinetik app from bundled scaffold files on explicit CLI/init use
- networking.js only defines app-configured browser WebRTC/signaling helpers; no hardcoded exfiltration endpoint
- No credential collection, lifecycle child_process execution, destructive behavior, or AI-agent control writes found
Behavioral surface
- ChildProcess
- DynamicRequire
- EnvironmentVars
- Filesystem
- Network
- HighEntropyStrings
- UrlStrings
- NoLicense
Source & flagged code
2 flagged

package.json
- scripts.postinstall = node sync-generated-editor-html.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
scriptManager.js (flagged at L25)
L25: if (_moduleCache.has(url)) return _moduleCache.get(url);
L26: const mod = await import(url);
L27: _moduleCache.set(url, mod);
Medium
Dynamic Require
Package source references dynamic require/import behavior.

Findings
1 High · 4 Medium · 5 Low
- High: Install Time Lifecycle Scripts (package.json)
- Medium: Dynamic Require (scriptManager.js)
- Medium: Network
- Medium: Environment Vars
- Medium: Structural Risk (Force Deep Review)
- Low: Scripts Present
- Low: Filesystem
- Low: High Entropy Strings
- Low: Url Strings
- Low: No License