AI Security Review
scanned 3h ago · by lpm-firewall-aiAt runtime, the browser bundle can append script elements sourced from `https://cdn.h5ds.com/assets/effectcanvas/`. The downloaded script is registered and invoked as an effect module, allowing the CDN-controlled response to execute in the consuming application's browser origin.
Static reason
High-risk behavior combination matched malicious policy.
Trigger
Importing and using the SDK rendering/effect path that reaches `EModule.import`.
Impact
A CDN response can execute arbitrary JavaScript with the consuming web application's browser-origin privileges, including access to application-visible DOM, storage, and network capabilities permitted to that origin.
Mechanism
Runtime remote script injection and module-factory execution
Attack narrative
The SDK's shipped browser bundle establishes `https://cdn.h5ds.com/assets/effectcanvas/` as a remote effect-module base, creates `<script>` elements for remote `.js` or `.txt` module responses, and executes their registered factories when the effect import path is reached. This allows code served from that CDN after package publication to run in a consuming application's browser context; the strongest evidence is the loader and its `EModule.import` call site in `videoCoreSDK.react.es.min.js`.
Rationale
Static inspection resolves the prior manual review: despite package-aligned media rendering code and no install hook, the bundle contains a reachable external JavaScript loader whose fixed CDN responses are appended as executable scripts. This is a concrete runtime remote-code-execution supply-chain surface rather than a critical vulnerability exposed by an otherwise local implementation, and no bounded evidence establishes a documented, user-controlled source that would justify downgrading it.
Evidence
package.jsonREADME.mdvideoCoreSDK.react.es.min.jsvideo-core-sdk.d.ts
Network endpoints1
cdn.h5ds.com/assets/effectcanvas/
Decision evidence
public snapshotAI called this Malicious at 93.0% confidence as Malware with low false-positive risk.
Evidence for block
- `videoCoreSDK.react.es.min.js` assigns `window.EModuleEffectSourcePath` to `https://cdn.h5ds.com/assets/effectcanvas/` and defines `EModule.import` to create and append a `<script>` element whose URL is constructed from that remote base plus a module name.
- The remote loader accepts a `.js` or `.txt` response as a script source, waits for it to populate a module registry, then invokes its registered factory; this is remote JavaScript execution in the consumer browser.
- `videoCoreSDK.react.es.min.js` contains an `EModule.import` call site, so the loader is reachable from the shipped rendering bundle rather than inert helper code.
- The package has no lifecycle scripts; the confirmed execution chain is runtime import/render use, not npm installation.
- The shipped manifest points `main` at `videoCoreSDK.react.es.js`, but the package contains only `videoCoreSDK.react.es.min.js`; this is a packaging defect and does not explain or neutralize the reachable remote script loader.
Evidence against
- The bundle and README are structurally consistent with a browser-side video/canvas rendering SDK and contain normal media-resource fetches, font loading, WebGL shader support, and Lottie/media decoding helpers.
- No `child_process`, Node filesystem access, environment-secret access, browser-cookie access, persistence behavior, or AI-agent control-surface mutation was found in the inspected package files.
- The remote module source is a fixed vendor CDN host rather than an arbitrary user-supplied URL, reducing evidence of credential theft or local-device compromise but not eliminating remote-code execution risk.
- No package-supplied reviewer/scanner-directed text or other inspection-manipulation content was found.
Behavioral surface
ChildProcessNetwork
HighEntropyStringsMinifiedObfuscatedProtestwareTrivialUrlStrings
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 Critical5 High1 Medium3 Low
CriticalProtestware
HighAi Review Evidence
HighAi Review Evidence
HighAi Review Evidence
HighSuspicious Lifecycle Evidence
HighAi Review Evidence
MediumNetwork
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings