AI Security Review
scanned 9d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established by source inspection. The package is a Stencil whiteboard component library with optional user-invoked sync and asset upload providers.
Decision evidence
public snapshot- dist/esm/schema.constants-7ayQfjzt.js and CJS copy contain one U+200B in a ProseMirror documentation comment, not executable code.
- Network-capable classes exist for collaboration and asset storage: WebSocket/Hocuspocus sync and user-configured HTTP/presigned asset providers.
- package.json has no install/preinstall/postinstall lifecycle hooks; scripts are developer build/test/release commands only.
- Entrypoints dist/index.js and dist/index.cjs.js re-export package modules; no import-time shell, filesystem mutation, or exfiltration logic observed.
- Network calls use caller-provided URLs/options or localhost defaults for documented whiteboard sync/asset workflows, not hardcoded suspicious endpoints.
- License manager verifies offline Ed25519 tokens using a public key and timer; it does not contact a server or harvest secrets.
- Search found no child_process, package-manager execution, AGENTS/.codex writes, credential file access, or reviewer/prompt manipulation.
- localStorage and IndexedDB usage is scoped to editor settings, workspace IDs, and asset caching.
Source & flagged code
3 flagged · loading sourcePackage source references dynamic require/import behavior.
dist/index.cjs.jsView on unpkg · L1Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/esm/schema.constants-7ayQfjzt.jsView on unpkg · L2595A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/cjs/schema.constants-TiseVL4a.jsView on unpkg