AI Security Review
scanned 1d ago · by lpm-firewall-aiNo confirmed malicious attack surface found. Network use is runtime, user-invoked API/Sentry/health behavior aligned with a kiosk shared library, not install-time execution or exfiltration.
Static reason
No blocking static signals were detected.
Trigger
Importing and calling exported API client, Turnstile, Sentry, or database-health helpers at runtime.
Impact
Expected application API/Sentry traffic only; no persistence, credential harvesting, or package-install mutation observed.
Mechanism
Shared TypeScript/ESM contracts and caller-directed fetch helpers
Rationale
Source inspection shows a normal shared kiosk package with runtime helper fetches to caller-controlled or localhost/application paths and no install-time execution, file mutation, shell execution, credential harvesting, or AI-agent control-surface behavior. Scanner network/env hints are explained by legitimate API client, health check, Sentry configuration, and NODE_ENV checks.
Evidence
package.jsonREADME.mddist/index.jsdist/api.jsdist/auth/turnstileTypes.jsdist/sentry/initSentry.jsdist/hooks/useDatabaseHealth.js
Network endpoints3
localhost:3015/api/public/turnstile-config/health
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no install/preinstall/postinstall hooks; only prepublishOnly build script.
- dist/index.js only re-exports shared contracts, utilities, React hook/component modules.
- dist/api.js fetches caller-provided/default localhost API endpoints for kiosk backend client use.
- dist/auth/turnstileTypes.js fetches public Turnstile config from caller-provided API base path.
- dist/sentry/initSentry.js initializes @sentry/react only when caller supplies prod DSN and redacts metadata.
- No child_process, fs writes, dynamic import/eval, binaries, or AI-agent config writes found in inspected files.
Behavioral surface
ChildProcessEnvironmentVarsNetwork
HighEntropyStrings
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
2 Medium3 Low
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowHigh Entropy Strings