AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is a browser SVG diagramming library with optional user-invoked collaboration.
Static reason
High-risk behavior combination matched malicious policy.
Trigger
Normal import exposes the library; collaboration networking occurs only when the consumer calls its init() method.
Impact
No install-time mutation, credential harvesting, exfiltration, remote payload execution, persistence, or destructive behavior found.
Mechanism
Optional dynamic loading of yjs/y-websocket for collaborative diagram state.
Rationale
Scanner claims are not supported by direct source inspection: the alleged Trojan Source characters are absent and dangerous primitives were not found. Optional collaboration is package-aligned, explicitly invoked, and uses a localhost default rather than a concealed external destination.
Evidence
package.jsondist/slateboxjs.mjsdist/test.htmldist/slateboxjs.mjs.map
Decision evidence
public snapshotAI called this Clean at 97.0% confidence as Benign with high false-positive risk.
Evidence for block
Evidence against
- package.json has no preinstall, install, or postinstall hook.
- dist/slateboxjs.mjs contains zero bidi/invisible control characters.
- No fetch, XMLHttpRequest, beacon, credential, filesystem, shell, eval, or WebAssembly use was found in dist/slateboxjs.mjs.
- The only dynamic imports are optional yjs and y-websocket inside the explicit collaboration init() method.
- Optional collaboration defaults to ws://localhost:1234 and accepts consumer-provided options; no external endpoint is embedded.
- dist/test.html is a local E2E harness with no external resources.
Behavioral surface
ChildProcessFilesystem
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
2 flagged · loading sourcedist/slateboxjs.mjsView file
6914contains invisible/control Unicode U+180E (mongolian vowel separator)
\v\f\r <U+180E> \u2028\u2029`, Za = new RegExp(
Critical
Trojan Source Unicode
Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/slateboxjs.mjsView on unpkg · L6914•Trigger-reachable chain: manifest.module -> dist/slateboxjs.mjs
Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability
A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/slateboxjs.mjsView on unpkgFindings
2 Critical1 Medium4 Low
CriticalTrojan Source Unicodedist/slateboxjs.mjs
CriticalTrigger Reachable Dangerous Capabilitydist/slateboxjs.mjs
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings