AI Security Review
scanned 10d ago · by lpm-firewall-aiNo confirmed malicious attack surface. Observed network and file APIs are browser SDK behavior for loading media/assets and saving rendered video after user/runtime invocation.
Static reason
High-risk behavior combination matched malicious policy.
Trigger
User imports SDK and calls rendering/encoding APIs
Impact
No confirmed unauthorized impact; package may fail default import because manifest main references a missing file
Mechanism
Browser video rendering/encoding library
Rationale
Static inspection shows a bundled browser video SDK with package-aligned network/resource loading and user-invoked export/save functionality, not malware. The scanner's protestware/network hints appear to be noisy matches from bundled shader/source comments and documented website/CDN URLs.
Evidence
package.jsonREADME.mdvideoCoreSDK.react.es.min.js
Network endpoints5
cdn.h5ds.comcdn.h5ds.com/assets/effectcanvas/cdn.h5ds.com/assets/images/404.pngvideo.h5ds.comvideo.h5ds.com/docs/sdk/core.html
Decision evidence
public snapshotAI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json main points to missing videoCoreSDK.react.es.js while package contains videoCoreSDK.react.es.min.js
Evidence against
- package.json has no lifecycle scripts or bin entries
- README describes a front-end video/WebCodecs/ffmpeg/WebGL SDK
- videoCoreSDK.react.es.min.js exports React/browser video rendering and encoding APIs
- fetch usage downloads caller-provided media/ffmpeg assets for video processing
- Function("return this") appears in bundled library global detection, not payload execution
- No credential/env harvesting, install-time execution, shell, persistence, or destructive behavior found
Behavioral surface
ChildProcessNetwork
HighEntropyStringsMinifiedObfuscatedProtestwareTrivialUrlStrings
Source & flagged code
1 flagged · loading sourcepackage.jsonView file
•Published source reference
Low
Ai Review Evidence
package.json main points to missing videoCoreSDK.react.es.js while package contains videoCoreSDK.react.es.min.js
package.jsonView on unpkgFindings
1 Critical1 Medium4 Low
CriticalProtestware
MediumNetwork
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowAi Review Evidencepackage.json