AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package has a lifecycle hook that refreshes a package-aligned editor HTML file in a consuming project and runtime game networking/script-loading features that are user/application invoked.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install for editor HTML sync; runtime calls for networking and script loading
Impact
May update src/editor.html during install when a consuming project has src/, but no evidence of credential theft, exfiltration, persistence, or agent hijack.
Mechanism
project scaffold/update plus browser game engine modules
Rationale
Source inspection shows suspicious primitives are package-aligned game engine behavior: scaffold file generation, an editor-template postinstall refresh, browser dynamic module loading for level scripts, and user-configured networking. No concrete malicious behavior, exfiltration, persistence, or AI-agent control hijack was found.
Evidence
package.jsonsync-generated-editor-html.jsinit.jsbin/create-kinetik-app.jsscriptManager.jsnetworking.jsscaffold/scripts/run-electron.jsscaffold/electron-main.jssrc/editor.htmlelectron-main.jspreload.jsvite.config.jsscripts/run-electron.jssrc/index.htmlsrc/main.jssrc/game/editorSetup.jssrc/game/bootstrap.jssrc/game/globals.jssrc/game/ground.jssrc/game/player.jsscripts/scene.jsscripts/object.jslevels/main.json
Network endpoints2
stun:stun.l.google.com:19302stun:stun1.l.google.com:19302
Decision evidence
public snapshotAI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json defines postinstall: node sync-generated-editor-html.js
- sync-generated-editor-html.js can overwrite INIT_CWD/src/editor.html from scaffold template when src/ exists
- scriptManager.js dynamically imports level/object script paths from gameState/userData at runtime
- networking.js implements user-configured WebRTC signaling and STUN usage
Evidence against
- No credential, env, home-directory, npmrc, SSH, or secret harvesting found by source search
- No hardcoded exfiltration endpoint; networking apiBase is caller configured
- No AI-agent control-surface writes, MCP/Claude/Codex/Cursor config mutation, persistence, or shell startup hooks found
- bin/create-kinetik-app.js and init.js only scaffold package-aligned game project files
- child_process usage is only in scaffold/scripts/run-electron.js to launch Electron for generated app
- Dynamic imports are browser game scripts from level/editor metadata, not install-time remote code
Behavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node sync-generated-editor-html.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkgscriptManager.jsView file
25if (_moduleCache.has(url)) return _moduleCache.get(url);
L26: const mod = await import(url);
L27: _moduleCache.set(url, mod);
Medium
Dynamic Require
Package source references dynamic require/import behavior.
scriptManager.jsView on unpkg · L25Findings
1 High4 Medium5 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumDynamic RequirescriptManager.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License