AI Security Review
scanned 2h ago · by lpm-firewall-ai

The package is a user-invoked bulk email/red-team tool with obfuscated code, webmail automation, OAuth token storage, and contact extraction. No confirmed npm install-time malware chain was found.
Decision evidence
public snapshot
- package.json defines preinstall/postinstall and obfuscated main/bin .ad/x0.js.
- .ad/x0.js implements bulk email sending, OAuth auth, contact extraction from SMTP/IMAP/Graph, and DKIM generation.
- src/web-panel/ws.js injects a panel into Gmail/Outlook/Yahoo pages and clicks compose/send for target lists.
- .ad/web-command.js builds a Chrome extension and injects src/web-panel/ws.js into open webmail sessions.
- .ad/x0.js and .ad/*.js are heavily obfuscated despite sensitive email/OAuth behavior.
- scripts/preinstall.js only prompts for EULA and writes ~/.nolimit/eula.json on acceptance.
- scripts/postinstall.js only creates a Windows nolimit.cmd shim for the package entrypoint.
- No install-time credential harvesting, exfiltration, or foreign AI-agent control-surface mutation found.
- Network-capable behavior appears tied to user-invoked email/OAuth/license/tool commands, not import/install time.
Source & flagged code
6 flagged
- package.json: Package defines install-time lifecycle scripts.
- package.json: Install-time lifecycle script is not statically allowlisted and needs review.
- package.json: Install-time lifecycle script is not statically allowlisted and needs review.
- src/web-panel/ws.js (line 269): Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
- scripts/postinstall.js: Source file is highly similar to a previously finalized malicious package; route for source-aware review.
- scripts/postinstall.js: Source fingerprint signature matches a known malicious package signature; route for source-aware review.