registry  /  omniguard-enterprise-cli  /  1.1.1

omniguard-enterprise-cli@1.1.1

OmniGuard - AI-Powered Application Security Platform CLI

AI Security Review

scanned 23h ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. Risky primitives are user-invoked security CLI behavior: scanning local files, optional remote backend submission, optional Anthropic AI calls, and explicit hook/report/config writes.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs omniguard commands such as login, scan, fix, explain, reports, install-hooks, tui, or nexus mcp.
Impact
May transmit scanned code or prompts to configured OmniGuard/Anthropic services and write local CLI config or explicit git hook/report files.
Mechanism
package-aligned security scanner and management CLI
Rationale
Static inspection found no lifecycle execution, stealth persistence, destructive behavior, credential exfiltration to attacker infrastructure, or unconsented AI-agent control-surface mutation. The suspicious scanner hints correspond to expected security-scanner rules, explicit user commands, and package-aligned network/config behavior.
Evidence
package.jsonsrc/index.jssrc/api.jssrc/tui.jssrc/mcp-server.jssrc/test-ai.js~/.omniguard/config.json~/.omniguard/daemon.log.git/hooks/pre-commitomniguard-ciso-report.md.envomniguard/.env../.env
Network endpoints3
krnpfunshzycavskrtod.supabase.coapi.anthropic.comomniguard.io/device

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
  • src/test-ai.js can read ./ .env ANTHROPIC_API_KEY and call api.anthropic.com, but only when that helper is directly run.
  • src/index.js fix/explain can read ANTHROPIC_API_KEY from .env locations and call Anthropic on explicit user command.
  • src/index.js scan sends file path/content to configured backend when authenticated.
  • src/index.js install-hooks explicitly writes .git/hooks/pre-commit on user command.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle hooks.
  • bin entry is src/index.js; unauthenticated default path opens TUI or requires login, no install-time execution.
  • Network calls are to package-aligned OmniGuard Supabase backend or Anthropic API for user-invoked AI features.
  • Credential handling stores OmniGuard API key in ~/.omniguard/config.json encrypted; no attacker endpoint found.
  • Scanner secret regex findings are rule definitions, not embedded live secrets.
  • MCP server is static stdio tooling and does not write AI-agent configuration on install.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 113 KB of source, external domains: krnpfunshzycavskrtod.supabase.co, omniguard.io

Source & flagged code

7 flagged · loading source
src/index.jsView file
308patternName = supabase_service_key severity = critical line = 308 matchedText = const an...BVE'
Critical
Critical Secret

Package contains a critical-looking secret pattern.

src/index.jsView on unpkg · L308
308patternName = supabase_service_key severity = critical line = 308 matchedText = const an...BVE'
Critical
Secret Pattern

Supabase service role key (JWT) in src/index.js

src/index.jsView on unpkg · L308
398patternName = supabase_service_key severity = critical line = 398 matchedText = anonKey ...BVE'
Critical
Secret Pattern

Supabase service role key (JWT) in src/index.js

src/index.jsView on unpkg · L398
405patternName = supabase_service_key severity = critical line = 405 matchedText = anonKey ...BVE'
Critical
Secret Pattern

Supabase service role key (JWT) in src/index.js

src/index.jsView on unpkg · L405
692patternName = aws_access_key severity = critical line = 692 matchedText = const aw...LE';
Critical
Secret Pattern

AWS access key ID in src/index.js

src/index.jsView on unpkg · L692
83{ id: 'SAST-CRYPTO-001', name: 'Weak Hash MD5', re: /createHash\s*\(\s*["']md5["']/gi, sev: 'high' }, L84: { id: 'SAST-EVAL-001', name: 'eval() Usage', re: /\beval\s*\(/g, sev: 'high' }, L85: { id: 'SAST-PATH-001', name: 'Path Traversal', re: /\.\.\/|path\.join\([^)]*req\.|path\.join\([^)]*params\./gi, sev: 'high' }
Low
Eval

Package source references a known benign dynamic code generation pattern.

src/index.jsView on unpkg · L83
6const path = require('path') L7: const http = require('http') L8: const https = require('https') L9: const readline = require('readline') L10: const { execSync, spawn } = require('child_process') L11: ... L15: const VERSION = '1.1.1' L16: const LOG_FILE = path.join(os.homedir(), '.omniguard', 'daemon.log') L17: ... L29: return new Promise(resolve => { L30: const rl = readline.createInterface({ input: process.stdin, output: process.stdout }) L31: if (!hidden) return rl.question(question, answer => { rl.close(); resolve(answer) })
Low
Weak Crypto

Package source references weak cryptographic algorithms.

src/index.jsView on unpkg · L6

Findings

5 Critical2 Medium6 Low
CriticalCritical Secretsrc/index.js
CriticalSecret Patternsrc/index.js
CriticalSecret Patternsrc/index.js
CriticalSecret Patternsrc/index.js
CriticalSecret Patternsrc/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvalsrc/index.js
LowWeak Cryptosrc/index.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings