AI Security Review
scanned 4h ago · by lpm-firewall-aiThe public webhook endpoint can issue a server-side GET request to an arbitrary URL supplied in an SNS-shaped request. This is a concrete SSRF primitive, not an install-time payload.
Static reason
No blocking static signals were detected.
Trigger
Unauthenticated POST to `/insight/webhook/:token` with `x-amz-sns-message-type: SubscriptionConfirmation` and `SubscribeURL`.
Impact
May reach internal or otherwise restricted HTTP services from the deployed server network.
Mechanism
Attacker-controlled server-side fetch before webhook-token validation.
Rationale
The package is not malicious at install or import time, but it exposes a concrete unauthenticated SSRF vulnerability in its runtime webhook handler. Downgrade to warn until the handler validates SNS confirmations and restricts the target URL.
Evidence
package.jsondist/routes/index.jsdist/controllers/webhook.controller.jsdist/server.jsdist/standalone.jsdist/services/incident.service.jsdist/services/sop.service.jsdist/services/workflow.service.jsdist/features/connectors/prometheus/controller.js
Decision evidence
public snapshotAI called this Suspicious at 90.0% confidence as Critical Vulnerability with low false-positive risk.
Evidence for warning
- Public webhook route accepts unauthenticated requests.
- Webhook handler fetches attacker-controlled `body.SubscribeURL` before token validation.
- No URL allowlist, hostname validation, or private-address block is present for `SubscribeURL`.
Evidence against
- `package.json` has no install, preinstall, or postinstall hook.
- Imports only export/create server components; startup occurs through explicit `createInsight().start()`.
- No child-process, eval, native-binary loading, or package filesystem mutation found.
- Other outbound calls implement configured AI, notification, Datadog, AWS, and connector integrations.
- No credential harvesting or exfiltration path beyond configured service integrations was found.
Behavioral surface
CryptoEnvironmentVarsNetwork
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
5 Medium5 Low
MediumNetwork
MediumEnvironment Vars
MediumAi Review Evidence
MediumAi Review Evidence
MediumAi Review Evidence
LowNon Install Lifecycle Scripts
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings
LowNo License