AI Security Review
scanned 2d ago · by lpm-firewall-ai
No confirmed malicious attack surface established. The package is a user-invoked CLI scanner that reads a target project, writes .periderm reports, stores login config, and calls package-aligned Periderm/Groq/update/error-report endpoints.
Static reason
No blocking static signals were detected; previous stored version diff introduced dangerous source.
Trigger
Explicit periderm commands such as scan, login, review, watch, or CLI startup update check
Impact
Expected project scanning/report upload behavior; no install-time execution or stealth credential harvesting found
Mechanism
Authenticated scanner/reporting CLI with local report writes and package-aligned HTTP calls
Rationale
Static inspection shows scanner-like behavior aligned with the package purpose, including explicit report generation and authenticated uploads, with no lifecycle execution or covert exfiltration path. The scanner hint about dangerous delta appears noisy because dist/scanner/checks.js implements deterministic checks for user projects rather than attacking the install host.
Evidence
- package.json
- dist/bin.js
- dist/index.js
- dist/api.js
- dist/config.js
- dist/error-report.js
- dist/review/deep.js
- dist/scanner/context-agent.js
- dist/scanner/index.js
- dist/scanner/repo-checks.js
- ~/.periderm/config.json
- .periderm/last-report.md
- .periderm/last-report.json
- .periderm/ai-instructions.md
- .periderm/.gitignore
Network endpoints (8)
- registry.npmjs.org/${name}/latest
- ${apiUrl}/api/public/verify-token
- ${apiUrl}/api/public/scan
- ${apiUrl}/api/policies
- ${apiUrl}/api/public/deep-review
- api.groq.com/openai/v1/chat/completions
- formspree.io/f/mqakppnn
- ${cfg.apiUrl}/api/public/report-error
Decision evidence
public snapshot: AI called this Clean at 92.0% confidence as Benign with low false-positive risk.
Evidence for block
- Observed network and file-write behavior only on explicit CLI commands: scan/login/review/update/crash reporting.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hook.
- bin.js only imports CLI and runs update check on periderm invocation.
- repo-checks.js reads target project files to produce scanner findings; no exfiltration or execution.
- api.js uploads scan results to configured Periderm API after authenticated scan command.
- config.js stores token in ~/.periderm/config.json with mode 0600 during login.
- No child_process, eval/vm/Function, native binary, or persistence primitives found by source search.
Behavioral surface
Child Process · Dynamic Require · Environment Vars · Filesystem · Network · High Entropy Strings · Url Strings
Source & flagged code
2 flagged
dist/scanner/repo-checks.js
L313: why: "Without code-splitting, a visitor to your landing page also downloads the admin dashboard, the settings screens, and every modal. First paint gets slower with every feature y...
L314: fix: "Wrap heavy or rarely-used routes in React.lazy(() => import('./Route')) + <Suspense>, or use your router's built-in lazy() API. Split third-party charts, editors and 3D scene...
L315: aiPrompt: `This project has ${routeFiles.length} route files but no dynamic import()/React.lazy usage. Identify the largest / least-visited routes (admin, settings, editors, charts...
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/scanner/repo-checks.js · L313
dist/scanner/checks.js
- matchType = previous_version_dangerous_delta
- matchedPackage = periderm-cli@0.1.37
- matchedIdentity = npm:cGVyaWRlcm0tY2xp:0.1.37
- similarity = 0.875
- summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version.
dist/scanner/checks.js
Findings
1 Critical · 3 Medium · 4 Low
- Critical · Previous Version Dangerous Delta · dist/scanner/checks.js
- Medium · Dynamic Require · dist/scanner/repo-checks.js
- Medium · Network
- Medium · Environment Vars
- Low · Scripts Present
- Low · Filesystem
- Low · High Entropy Strings
- Low · Url Strings