AI Security Review
scanned 2h ago · by lpm-firewall-aiAt host application startup, the framework can load persisted module code from its `.vome` extension directory. It converts that code into handlers with `new Function`; no package-bundled network or install-time attack was confirmed.
Static reason
One or more suspicious static signals were detected.
Trigger
A host application starts and bootstraps installed Vome modules.
Impact
Code placed in the framework-managed module directory can run with the host server's privileges.
Mechanism
Local persisted module-script execution via `new Function`.
Rationale
The package is not proven malicious, but heavy obfuscation combined with automatic execution of persisted extension scripts creates a material unresolved dangerous capability. Downgrade to warn rather than block because no concrete malicious chain or install-time abuse was established.
Evidence
dist/server/index.jsdist/src/ext/path.d.tsdist/src/ext/module-registry.d.tspackage.json
Decision evidence
public snapshotAI called this Suspicious at 87.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- `dist/server/index.js` is deliberately obfuscated.
- `dist/server/index.js` reads module `server/index.js` content and executes it with `new Function`.
- The loader targets persistent `~/.vome/{hash}/modules/{key}` paths per `dist/src/ext/path.d.ts`.
- `ModuleRegistry.bootstrap()` loads installed modules at application startup per `dist/src/ext/module-registry.d.ts`.
Evidence against
- `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` hook.
- No server-side `fetch`, WebSocket, shell, or child-process primitive was found.
- The dynamic execution is documented as the package's business-module/plugin runtime.
- No concrete credential harvesting, exfiltration endpoint, or destructive package behavior was found.
Behavioral surface
DynamicRequireFilesystemNetwork
HighEntropyStringsMinifiedObfuscatedUrlStrings
WildcardDependency
Source & flagged code
3 flagged · loading sourcedist/server/index.jsView file
1const _0x113362=_0x1a18;(function(_0x54d080,_0x2f50c0){const _0x1c918e=_0x1a18,_0x205c93=_0x54d080();while(!![]){try{const _0x3ead98=parseInt(_0x1c918e(0x238))/0x1+-parseInt(_0x1c9...
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/server/index.jsView on unpkg · L1dist/admin/directives/perm.jsView file
1(function(_0x31eedd,_0x271c75){const _0x226df6=_0x45c6,_0x1482c6=_0x31eedd();while(!![]){try{const _0x23f6fb=parseInt(_0x226df6(0x149))/0x1+-parseInt(_0x226df6(0x150))/0x2+-parseIn...
High
Obfuscated Payload Loader
Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/admin/directives/perm.jsView on unpkg · L1dist/admin/static/fileicon/iconfont.woffView file
•path = [redacted].woff
kind = high_entropy_blob
sizeBytes = 4228
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
dist/admin/static/fileicon/iconfont.woffView on unpkgFindings
3 High4 Medium5 Low
HighObfuscated Payload Loaderdist/admin/directives/perm.js
HighObfuscated
HighShips High Entropy Blobdist/admin/static/fileicon/iconfont.woff
MediumDynamic Requiredist/server/index.js
MediumNetwork
MediumStructural Risk Force Deep Review
MediumWildcard Dependency
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings