AI Security Review
scanned 10h ago · by lpm-firewall-aiNo confirmed malicious attack surface. Network calls are application API requests initiated by the frontend, and filesystem writes are limited to the explicit build plugin.
Static reason
One or more suspicious static signals were detected.
Trigger
No install-time trigger; API requests occur during normal application use and build writes require an explicit build.
Impact
No unconsented installation mutation, credential exfiltration, remote payload execution, or persistence established.
Mechanism
Configured frontend authentication and business API client
Rationale
Static hints map to ordinary frontend network/auth code and a development build plugin. Source inspection found no lifecycle execution or concrete malicious behavior.
Evidence
package.jsonsrc/core/request/index.tssrc/utils/auth-token.tsplugins/bump-version.tsvite.config.ts.env.production.env.development.env.testsrc/utils/request.tssrc/core/mxApi/index.tssrc/api/user.ts
Network endpoints2
api.example.com10.56.183.104:8090
Decision evidence
public snapshotAI called this Clean at 97.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no preinstall/install/postinstall hooks or package entrypoints.
- src/core/request/index.ts routes browser/native API calls through configured application requests.
- src/utils/auth-token.ts uses login tokens for Authorization and strips a backend password hash before storing principal data.
- plugins/bump-version.ts only changes build artifacts and version files during an explicit Vite build.
- .env.production contains a placeholder API URL and timeout, not a credential.
- No shell execution, eval/vm, exfiltration path, or runtime file-harvesting source was found.
Behavioral surface
FilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading source.env.productionView file
•patternName = blocked_file
severity = critical
matchedText = .env.production
redactedSecretContext =
secretLikeLines = 0
notes = no secret-like key/value lines found in sampled text
Critical
Findings
1 Critical1 Medium4 Low
CriticalCritical Secret.env.production
MediumNetwork
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings