AI Security Review
scanned 2h ago · by lpm-firewall-aiThe CLI is a plugin/APInt loader with an explicit install/uninstall command path that can run command strings supplied by loaded APInt packages. It also self-installs only after an explicit CLI/import invocation in a project that does not declare the package. No install-time hook or concrete exfiltration path is present.
Static reason
One or more suspicious static signals were detected.
Trigger
Run the `telos-origin` CLI with `-e install` or `-e uninstall` and an APInt package defining script utilities; alternatively invoke the entrypoint outside a project declaring `telos-origin`.
Impact
A user loading an untrusted APInt can cause arbitrary local commands to run in that user’s environment; this package itself does not contain a concrete malicious payload.
Mechanism
Runtime APInt module loading and command execution from APInt metadata.
Rationale
Static inspection confirms a real arbitrary-command execution surface for explicitly loaded APInt content, but not a concrete malicious chain attributable to telos-origin@1.0.14. The scanner’s environment-variable signal is configuration propagation rather than harvesting.
Evidence
package.jsontelosOrigin.jstelosOrigin.jsontelosDefaults.jstelosUtils.jsAPInt.json
Decision evidence
public snapshotAI called this Suspicious at 87.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `telosOrigin.js` runs `npm install telos-origin` when its CLI is invoked outside a project listing it as a dependency.
- `telosOrigin.js` dynamically loads APInt module content/sources selected from runtime configuration.
- `telosDefaults.js` executes `script-install` and `script-uninstall` command strings from loaded APInt packages.
- `telosDefaults.js` writes the caller project’s `APInt.json` during explicit install/uninstall/set commands.
Evidence against
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- No package source contains credential harvesting, HTTP client usage, or a concrete external network endpoint.
- The shell execution is tied to explicit `telos-origin -e install`/`uninstall` operations and APInt-provided scripts.
- The bundled `telosOrigin.json` loads only the package-owned `telosDefaults.js` module.
Behavioral surface
ChildProcessEnvironmentVarsFilesystemShell
Source & flagged code
2 flagged · loading sourcetelosOrigin.jsView file
16if(!getLocalPackages().includes("telos-origin"))
L17: require("child_process").execSync("npm install telos-origin");
L18:
High
16if(!getLocalPackages().includes("telos-origin"))
L17: require("child_process").execSync("npm install telos-origin");
L18:
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
telosOrigin.jsView on unpkg · L16Findings
3 High1 Medium1 Low
HighChild ProcesstelosOrigin.js
HighShell
HighRuntime Package InstalltelosOrigin.js
MediumEnvironment Vars
LowFilesystem