AI Security Review
scanned 2h ago · by lpm-firewall-aiBrowser-side import automatically injects remote JavaScript resources. The default script URLs use mutable globals and unpinned `@latest` CDN targets, so a compromised target can execute in the host page's origin.
Static reason
No blocking static signals were detected.
Trigger
Importing the browser entrypoint or global bundle in a page with `window` available.
Impact
A changed CDN resource or overridden global URL can execute arbitrary JavaScript in the embedding page.
Mechanism
Automatic remote script injection from mutable, unpinned CDN URL globals.
Rationale
The package is not concretely malicious by source inspection, but it automatically executes unpinned remote scripts at import time. Warn rather than block because this is a real supply-chain/RCE risk without evidence of malicious intent or payload behavior.
Evidence
package.jsondist/index.cjsdist/super.global.jsdist/tools/player.cjsREADME.md
Network endpoints3
cdn.jsdelivr.net/npm/@t007/toast@latestcdn.jsdelivr.net/npm/@t007/input@latestcdn.jsdelivr.net/npm/@t007/dialog@latest
Decision evidence
public snapshotAI called this Suspicious at 91.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `dist/index.cjs` invokes `loadResource` for remote scripts during browser import.
- `dist/super.global.js` defaults three script URLs to unpinned `@latest` jsDelivr packages.
- Remote resource URLs are mutable through `window.T007_*_JS_SRC` globals.
- `dist/tools/player.cjs` also fetches user-supplied JSON configuration from a media `tmg` attribute.
Evidence against
- `package.json` has no preinstall/install/postinstall lifecycle hooks.
- No Node filesystem, child-process, environment-harvesting, or credential-exfiltration code was found in runtime bundles.
- Remote-loading code is aligned with the player UI and media-provider integrations.
- The detected `new Function` only implements string timer-handler compatibility in the global bundle.
Behavioral surface
ChildProcessDynamicRequireEvalFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/super.global.jsView file
1100if (!sig) return win4.setTimeout(handler, timeout, ...args);
L1101: const id = win4.setTimeout(() => (sig.removeEventListener("abort", kill), "string" === typeof handler ? new Function(handler) : handler(...args)), timeout), kill = () => win4.clear...
L1102: return sig.addEventListener("abort", kill, { once: true }), id;
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/super.global.jsView on unpkg · L1100dist/tools/player.cjsView file
30// src/ts/consts/config.ts
L31: var import_sia_reactor = require("sia-reactor");
L32:
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/tools/player.cjsView on unpkg · L30Findings
2 Medium5 Low
MediumDynamic Requiredist/tools/player.cjs
MediumNetwork
LowScripts Present
LowEvaldist/super.global.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings