registry  /  systemview  /  1.21.0

systemview@1.21.0

A documentation and testing suite for SystemLynx

AI Security Review

scanned 1d ago · by lpm-firewall-ai

No malicious install-time or import-time attack was found. Residual risk is a user-invoked CLI command injection bug in browser opening when service-controlled namespace fields are included in an exec-built command.

Static reason
High-risk behavior combination matched malicious policy.; previous stored version diff introduced dangerous source
Trigger
User runs systemview open against a connected service with crafted service/module/method metadata.
Impact
possible local command execution in the invoking user's shell context
Mechanism
shell command construction with unsanitized URL
Attack narrative
The package exposes a CLI and local UI for connecting to SystemLynx services, storing service metadata, cookies, and manifests. A malicious connected service could influence namespace URL path parts used by cli/openBrowser.js, which are passed to child_process.exec without shell escaping when the user invokes the open command. This is a real command-injection risk, but it is user-triggered and service-mediated rather than npm lifecycle malware.
Rationale
Source inspection does not show unconsented install-time behavior, exfiltration, persistence, or AI-agent hijacking, so the package is not malicious. The exec-based browser launch and global TLS disablement warrant a warning for a concrete user-invoked vulnerability.
Evidence
package.jsoncli/index.jscli/openBrowser.jscli/cookieClient.jscli/connectService.jscli/probe.jsapi/index.jsapi/Connections.jsbuild/static/js/main.6240c0f1.jsapi/connections.jsonsystemview.cookies.jsonsystemview.manifest.json
Network endpoints3
localhost:3000localhost:3000/systemview/apiuser-supplied SystemLynx service URLs

Decision evidence

public snapshot
AI called this Suspicious at 87.0% confidence as Critical Vulnerability with medium false-positive risk.
Evidence for warning
  • cli/index.js disables TLS certificate validation for the CLI process.
  • cli/openBrowser.js shells out with exec(`${browserCommand} ${fullUrl}`) using URL path parts derived from user/service data.
  • cli/probe.js and cli/runTests.js can invoke connected SystemLynx service methods when explicitly run by the user.
Evidence against
  • package.json has no preinstall/postinstall/prepare lifecycle hooks.
  • bin entry cli/index.js is a user-invoked SystemView CLI, not install-time code.
  • Network use is package-aligned: local SystemView API and user-supplied SystemLynx service URLs.
  • Writes are limited to package/project state such as api/connections.json, systemview.cookies.json, and systemview.manifest.json.
  • No AI-agent control-surface writes, persistence hooks, credential harvesting, or hardcoded exfiltration endpoint found.
  • build/static/js dynamic chunk loading is normal webpack/web-vitals behavior, not remote payload execution.
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsEvalFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 31 file(s), 1.52 MB of source, external domains: atelierbram.github.io, chriskempson.com, clrs.cc, cscorley.github.io, ethanschoonover.com, fb.me, github.com, hart-dev.com, momentjs.com, railscasts.com, reactjs.org, sethawright.com, tybenz.com, www.monokai.nl, www.w3.org

Source & flagged code

6 flagged · loading source
cli/openBrowser.jsView file
1const { exec } = require("child_process"); L2: const resolveNamespace = require("./utils/resolveNamespace");
High
Child Process

Package source references child process execution.

cli/openBrowser.jsView on unpkg · L1
build/static/js/main.6240c0f1.jsView file
1/*! For license information please see main.6240c0f1.js.LICENSE.txt */ L2: (()=>{var e={3240(e){"use strict";var t=Object.prototype.hasOwnProperty,n=Object.prototype.toString,r=Object.defineProperty,a=Object.getOwnPropertyDescriptor,o=function(e){return"f... L3: //# sourceMappingURL=main.6240c0f1.js.map
Critical
Download Execute

Source downloads or fetches remote code and executes it.

build/static/js/main.6240c0f1.jsView on unpkg · L1
1/*! For license information please see main.6240c0f1.js.LICENSE.txt */ L2: (()=>{var e={3240(e){"use strict";var t=Object.prototype.hasOwnProperty,n=Object.prototype.toString,r=Object.defineProperty,a=Object.getOwnPropertyDescriptor,o=function(e){return"f... L3: //# sourceMappingURL=main.6240c0f1.js.map
High
Eval

Package source references dynamic code evaluation.

build/static/js/main.6240c0f1.jsView on unpkg · L1
cli/cookieClient.jsView file
1const axios = require("axios").default; L2: const FormData = require("form-data");
Medium
Dynamic Require

Package source references dynamic require/import behavior.

cli/cookieClient.jsView on unpkg · L1
cli/index.jsView file
matchType = previous_version_dangerous_delta matchedPackage = systemview@2.0.0 matchedIdentity = npm:c3lzdGVtdmlldw:2.0.0 similarity = 0.633 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

cli/index.jsView on unpkg
2Manifest entrypoint (manifest.bin) carries capability families absent from dist/build output: environment+network L2: L3: process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"; L4: ... L24: const DEFAULT_PORT = 3000; L25: const VERSION = require("../package.json").version; L26: const UI_URL = `http://localhost:${DEFAULT_PORT}`; L27: L28: const MANIFEST_FILE = flags.manifest || path.join(process.cwd(), "systemview.manifest.json"); L29: const connectedUrls = new Set(); ... L33: try { L34: const manifest = JSON.parse(fs.readFileSync(MANIFEST_FILE, "utf8")); L35: const services = manifest.services || [manifest];
High
Entrypoint Build Divergence

Manifest entrypoint contains risky behavior absent from dist/build output.

cli/index.jsView on unpkg · L2

Findings

2 Critical3 High4 Medium6 Low
CriticalDownload Executebuild/static/js/main.6240c0f1.js
CriticalPrevious Version Dangerous Deltacli/index.js
HighChild Processcli/openBrowser.js
HighEvalbuild/static/js/main.6240c0f1.js
HighEntrypoint Build Divergencecli/index.js
MediumDynamic Requirecli/cookieClient.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License