AI Security Review
scanned 4d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package is an MCP/CLI client for Novada web data APIs with user-invoked network, proxy, browser, and output-writing features aligned with its description.
Decision evidence
public snapshot- Provides proxy/browser/scraping capabilities that can access external sites when user calls MCP tools.
- build/utils/credentials.js can fetch Novada proxy/browser sub-account credentials from api-m.novada.com using NOVADA_API_KEY.
- Some tools can write results to ~/Downloads/novada-mcp and account-management tools can perform confirmed write actions.
- package.json prepare only runs build chmod; prepublishOnly blocks publishing with .env present, no install-time exfiltration found.
- build/index.js registers MCP tools; behavior is runtime user-invoked, not import-time execution.
- Network hosts are Novada service endpoints or user-supplied target URLs for advertised search/extract/scrape/proxy features.
- Secrets are read from Novada env vars and masked in proxy output; no credential harvesting beyond package-aligned auth use found.
- No child_process, native binary loading, persistence, destructive filesystem behavior, or AI-agent config mutation found.
- Write/billable management actions inspected require explicit confirm/dry-run style gates.
Source & flagged code
7 flagged · loading sourcePackage ships non-JavaScript build or shell helper files.
skills/novada-agent/setup.shView on unpkgHardcoded password in build/tools/proxy_residential.js
build/tools/proxy_residential.jsView on unpkg · L124Hardcoded password in build/tools/proxy_account_create.js
build/tools/proxy_account_create.jsView on unpkg · L87Hardcoded password in build/tools/proxy_mobile.js
build/tools/proxy_mobile.jsView on unpkg · L127Hardcoded password in build/tools/proxy_datacenter.js
build/tools/proxy_datacenter.jsView on unpkg · L115Hardcoded password in build/tools/proxy_isp.js
build/tools/proxy_isp.jsView on unpkg · L117