AI Security Review
scanned 7d ago · by lpm-firewall-aiThe package is a persistent remote-control telemetry agent. Once the CLI is run with configuration, it installs autostart, polls a configured server, executes commands, scans directories, and uploads requested files.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs the bin CLI runtimedev-link with token/env configuration.
Impact
Remote operator can maintain user-level persistence, run shell commands, inventory the host, and exfiltrate files/directories from accessible paths.
Mechanism
persistent C2 agent with remote command execution and file exfiltration
Attack narrative
Running the CLI loads token/env configuration, writes persistence files, and starts a polling loop to the configured API. After activation, the server can send commands for shell execution, directory scan requests, and file download requests; results are posted back with host identity and telemetry.
Rationale
Source inspection confirms user-level persistence, remote command execution, and arbitrary path upload behavior that is not limited to benign package functionality. The absence of npm lifecycle hooks reduces install-time blast radius but does not mitigate the malicious runtime payload.
Evidence
package.jsonbin/cli.jslib/persistence.jslib/transport.jslib/exec.jslib/download.jslib/fs_scan.jslib/chrome_extensions.js~/.config/runtimedev-link/agent.env~/.local/share/runtimedev-link/start.sh~/.config/systemd/user/runtimedev-link.servicecrontab~/Library/LaunchAgents/com.runtimedev.link.plist%APPDATA%/Microsoft/Windows/Start Menu/Programs/Startup/runtimedev-link.cmdWindows Task Scheduler task runtimedev-link
Network endpoints6
api.ipify.org?format=text<configured apiBase>/api/telemetry/report<configured apiBase>/api/telemetry/poll-command<configured apiBase>/api/telemetry/command-result<configured apiBase>/api/telemetry/directory-scan-result<configured apiBase>/api/telemetry/upload-download
Decision evidence
public snapshotAI called this Malicious at 98.0% confidence as Malware with low false-positive risk.
Evidence for block
- bin/cli.js runs installPersistence() during normal CLI startup, not only explicit install.
- lib/persistence.js registers autostart via systemd user units, crontab, launchd, or Windows Task Scheduler.
- lib/transport.js polls /api/telemetry/poll-command and executes server-supplied commands through lib/exec.js execSync.
- lib/download.js zips arbitrary requested file/directory paths and lib/transport.js posts them to /api/telemetry/upload-download.
- lib/transport.js reports hostname, username, OS info, directory tree, public IP, and Chrome extension inventory.
Evidence against
- package.json has no npm lifecycle scripts, so install alone does not execute code.
- Network API base is supplied by token or environment rather than hardcoded, except api.ipify.org for public IP lookup.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcelib/persistence.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = runtimedev-link@1.0.12
matchedIdentity = npm:cnVudGltZWRldi1saW5r:1.0.12
similarity = 0.800
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version.
lib/persistence.jsView on unpkg5const path = require('path');
L6: const { execSync, spawnSync } = require('child_process');
L7: const { resolveNodeLaunch, writeLauncherVbs } = require('./win_hidden');
...
L14:
L15: function homeDir() {
L16: return process.env.HOME || process.env.USERPROFILE || '';
L17: }
...
L39: function startScriptPath() {
L40: return process.platform === 'win32'
L41: ? path.join(dataDir(), 'start.vbs')
...
L93: encoding: 'utf8',
L94: shell: '/bin/sh',
Medium
Install Persistence
Source writes installer persistence such as shell profile or service configuration.
lib/persistence.jsView on unpkg · L5Findings
1 Critical3 Medium4 Low
CriticalPrevious Version Dangerous Deltalib/persistence.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencelib/persistence.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License