AI Security Review
scanned 35m ago · by lpm-firewall-aiThe package exposes an n8n community node that runs an AI agent and sends prompt/tracing data to a user-configured Langfuse instance. This is package-aligned runtime behavior, not a confirmed attack surface.
Static reason
One or more suspicious static signals were detected.
Trigger
User configures credentials and executes the n8n node or opens prompt selectors.
Impact
Workflow prompts, outputs, selected metadata, and Langfuse credentials are used for intended Langfuse observability; no unauthorized exfiltration found.
Mechanism
Langfuse API fetches and LangChain callback tracing
Rationale
Static inspection found no consumer lifecycle execution, no AI-agent control-surface writes, and no shell/eval/filesystem harvesting. The network and secret patterns are expected for an n8n Langfuse integration using user credentials.
Evidence
package.jsondist/credentials/AgentLangfuseApi.credentials.jsdist/nodes/AgentLangfuse/AgentLangfuse.node.jsdist/nodes/AgentLangfuse/langfuse.jsdist/nodes/AgentLangfuse/execute.js
Network endpoints4
cloud.langfuse.comlangfuse.com/docs/api/public/v2/prompts/api/public/projects
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has only prepublishOnly; no consumer install hook.
- n8n manifest points to expected dist credential/node files.
- Credential file defines user-supplied Langfuse URL and Basic auth fields; no hardcoded secrets.
- langfuse.js requests only configured Langfuse base URL for prompts/projects/tracing.
- execute.js runs connected LangChain models/tools only during explicit n8n node execution.
- No shell, eval, filesystem harvesting, persistence, or agent config mutation found.
Behavioral surface
ChildProcessNetwork
UrlStrings
Source & flagged code
1 flagged · loading sourcedist/credentials/AgentLangfuseApi.credentials.jsView file
39patternName = generic_password
severity = medium
line = 39
matchedText = password...}}',
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/credentials/AgentLangfuseApi.credentials.jsView on unpkg · L39Findings
2 Medium3 Low
MediumSecret Patterndist/credentials/AgentLangfuseApi.credentials.js
MediumNetwork
LowNon Install Lifecycle Scripts
LowScripts Present
LowUrl Strings