registry  /  website-api  /  1.1.21

website-api@1.1.21

CLI and library to query website private APIs with your real logged-in Chrome session

AI Security Review

scanned 8d ago · by lpm-firewall-ai

No confirmed malicious attack surface is established by source inspection. The package is a CLI/library for user-invoked website API calls using a local Chrome session, with explicit extension registry functionality.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs the CLI/library for a site adapter or extension command.
Impact
Can access authenticated target-site data when invoked by the user, but no hidden harvesting or exfiltration was found.
Mechanism
Package-aligned browser/API automation with lazy cookie and credential access.
Rationale
The risky primitives are consistent with the stated purpose of querying website private APIs from a real Chrome session and are user-invoked rather than install-time or covert. I found no credential exfiltration, persistence, destructive behavior, dependency confusion, or AI-agent control-surface mutation.
Evidence
package.jsondist/bin/cli.jsdist/src/website-api.jsdist/src/core/context.jsdist/src/core/registry.jsdist/src/capabilities/cookies.jsdist/src/sites/voice.google.com/voice-helpers.jsdist/src/sites/maps.google.com/index.js
Network endpoints7
website-api-list.lgnat.comraw.githubusercontent.com/${source.repo}/${ref}/${path}clients6.google.com/voice/v1/voiceclientvoice.google.comwww.google.com/mapsapi.census.govtigerweb.geo.census.gov

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
  • Reads Chrome cookies/passwords via chrome-tools for target-site adapters in dist/src/capabilities/cookies.js.
  • User-invoked extension install can download/import third-party site code in dist/src/core/registry.js.
  • dist/src/sites/voice.google.com/voice-helpers.js builds Google Voice auth headers from user cookies.
  • dist/src/sites/maps.google.com/index.js injects a browser overlay via ctx.eval when that adapter is run.
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle hooks.
  • dist/src/website-api.js import-time behavior only loads a local .env file into process.env.
  • Cookie/credential access is lazy and scoped to selected site adapters, not automatic install/import exfiltration.
  • Registry install verifies sha256 before writing extension files and CLI warns before installing code with browser-session access.
  • Scanner secret hits are public Google/Census client keys documented in source and used for matching site APIs.
  • Observed network endpoints are package-aligned website APIs, registries, or user-requested universal URLs.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 41 file(s), 252 KB of source, external domains: api.census.gov, api.e-zpassny.com, claude.ai, clients6.google.com, cursor.com, gemini.google.com, mysmartenergy.nj.pseg.com, ollama.com, raw.githubusercontent.com, secure.chase.com, tigerweb.geo.census.gov, voice.google.com, website-api-list.lgnat.com, www.bloomberg.com, www.e-zpassny.com, www.google.com, www.perplexity.ai, www.zillow.com

Source & flagged code

8 flagged · loading source
dist/src/sites/voice.google.com/voice-helpers.jsView file
12patternName = google_api_key severity = high line = 12 matchedText = export c...llow
High
High Secret

Package contains a high-severity secret pattern.

dist/src/sites/voice.google.com/voice-helpers.jsView on unpkg · L12
12patternName = google_api_key severity = high line = 12 matchedText = export c...llow
High
Secret Pattern

Google API key in dist/src/sites/voice.google.com/voice-helpers.js

dist/src/sites/voice.google.com/voice-helpers.jsView on unpkg · L12
2/** L3: * Google Voice's web app fetches data from a private JSON+protobuf API: L4: * POST https://clients6.google.com/voice/v1/voiceclient/<method>?alt=protojson&key=<API_KEY> L5: * ... L96: "x-javascript-user-agent": "google-api-javascript-client/1.1.0", L97: "x-goog-encode-response-if-executable": "base64", L98: Cookie: cookieHeader,
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/src/sites/voice.google.com/voice-helpers.jsView on unpkg · L2
dist/src/core/context.jsView file
134browser, L135: async eval(fn, arg) { L136: const page = await browser();
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/src/core/context.jsView on unpkg · L134
dist/src/core/registry.jsView file
308try { L309: mod = await import(pathToFileURL(filePath).href); L310: }
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/src/core/registry.jsView on unpkg · L308
dist/src/sites/maps.google.com/index.jsView file
matchType = previous_version_dangerous_delta matchedPackage = website-api@1.1.20 matchedIdentity = npm:d2Vic2l0ZS1hcGk:1.1.20 similarity = 0.950 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/src/sites/maps.google.com/index.jsView on unpkg
dist/src/capabilities/login/login-helper.jsView file
154patternName = generic_password severity = medium line = 154 matchedText = console....'`);
Medium
Secret Pattern

Hardcoded password in dist/src/capabilities/login/login-helper.js

dist/src/capabilities/login/login-helper.jsView on unpkg · L154
dist/src/sites/voice.google.com/voice-helpers.d.tsView file
12patternName = google_api_key severity = high line = 12 matchedText = export d...Bg";
High
Secret Pattern

Google API key in dist/src/sites/voice.google.com/voice-helpers.d.ts

dist/src/sites/voice.google.com/voice-helpers.d.tsView on unpkg · L12

Findings

1 Critical3 High4 Medium6 Low
CriticalPrevious Version Dangerous Deltadist/src/sites/maps.google.com/index.js
HighHigh Secretdist/src/sites/voice.google.com/voice-helpers.js
HighSecret Patterndist/src/sites/voice.google.com/voice-helpers.js
HighSecret Patterndist/src/sites/voice.google.com/voice-helpers.d.ts
MediumDynamic Requiredist/src/core/registry.js
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndist/src/capabilities/login/login-helper.js
LowScripts Present
LowEvaldist/src/core/context.js
LowWeak Cryptodist/src/sites/voice.google.com/voice-helpers.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings