AI Security Review
scanned 1d ago · by lpm-firewall-ai
The package is a bulk email/phishing automation kit with browser webmail injection, spoofed sender generation, and message evasion. Install hooks are not the primary attack; the user-invoked CLI activates the abusive capability.
Decision evidence
public snapshot
- package.json exposes install hooks and obfuscated CLI main .ad/x0.js as bin nolimit
- templates/functions.txt documents bulk campaigns, direct_mx, raw_smtp, turbo_mode, QR links, DKIM setup, contact extraction
- src/web-panel/ws.js injects a panel into webmail and programmatically composes/sends to target email lists
- .ad/web-command.js generates a Chrome extension with <all_urls>, scripting, activeTab and injects ws.js via a localhost WebSocket
- .ad/advanced-evasion.js contains email evasion logic: hidden text, Unicode jitter, benign noise, aria-label injection
- .ad/from-generator.js generates service-style sender names like securityalerts/loginverification
- preinstall only prompts for EULA in TTY and writes ~/.nolimit/eula.json
- postinstall only creates a Windows nolimit.cmd shim for the package entrypoint
- No evidence of credential harvesting or exfiltration during install
- No foreign AI-agent control-surface writes found
Source & flagged code
5 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks. (src/web-panel/ws.js, line 269)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (scripts/postinstall.js)