registry  /  website-api  /  1.2.2

website-api@1.2.2

CLI and library to query website private APIs with your real logged-in Chrome session

AI Security Review

scanned 8d ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. The package is a CLI/library for querying website APIs using the user's Chrome session, with sensitive capabilities aligned to its documented purpose and activated by user commands.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs the CLI/library for a site query or extension command.
Impact
May send the user's site cookies to the selected site's own APIs or run user-installed extension code after confirmation; no unconsented install/import-time exfiltration found.
Mechanism
User-directed browser cookie/session API querying and optional integrity-checked extension install.
Rationale
Static source inspection found powerful cookie, browser, network, and extension-loading features, but they are documented, user-invoked, domain-aligned, and include confirmation/integrity checks for remote extensions. No lifecycle execution, import-time exfiltration, credential harvesting to unrelated endpoints, persistence, destructive behavior, or AI-agent control-surface mutation was found.
Evidence
package.jsonREADME.mddist/bin/cli.jsdist/src/website-api.jsdist/src/core/context.jsdist/src/core/registry.jsdist/src/capabilities/cookies.jsdist/src/cli/ext.jsdist/src/sites/voice.google.com/api/voice-helpers.jsdist/src/core/loader.js

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • dist/src/capabilities/cookies.js reads decrypted Chrome cookies/passwords for requested site domains.
  • dist/src/core/registry.js can download and import extension site modules, but only via user-invoked ext commands.
  • dist/src/cli/ext.js writes output files and installed extensions when explicitly requested.
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle hooks.
  • dist/src/website-api.js import only loads package .env and exports APIs; no network or exfiltration on import.
  • dist/bin/cli.js performs actions only after CLI invocation and routes to declared website adapters.
  • dist/src/core/registry.js verifies downloaded extension files by sha256 before writing/importing.
  • dist/src/sites/voice.google.com/api/voice-helpers.js contains a documented public Google web-client API key, not a private secret.
  • README.md documents cookie/session access and warns that registry extensions run with browser-session access.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 44 file(s), 265 KB of source, external domains: api.census.gov, api.e-zpassny.com, claude.ai, clients6.google.com, cursor.com, gemini.google.com, mysmartenergy.nj.pseg.com, ollama.com, raw.githubusercontent.com, secure.chase.com, tigerweb.geo.census.gov, voice.google.com, website-api-list.lgnat.com, www.e-zpassny.com, www.google.com, www.perplexity.ai, www.zillow.com

Source & flagged code

8 flagged · loading source
dist/src/sites/voice.google.com/api/voice-helpers.jsView file
12patternName = google_api_key severity = high line = 12 matchedText = export c...llow
High
High Secret

Package contains a high-severity secret pattern.

dist/src/sites/voice.google.com/api/voice-helpers.jsView on unpkg · L12
12patternName = google_api_key severity = high line = 12 matchedText = export c...llow
High
Secret Pattern

Google API key in dist/src/sites/voice.google.com/api/voice-helpers.js

dist/src/sites/voice.google.com/api/voice-helpers.jsView on unpkg · L12
2/** L3: * Google Voice's web app fetches data from a private JSON+protobuf API: L4: * POST https://clients6.google.com/voice/v1/voiceclient/<method>?alt=protojson&key=<API_KEY> L5: * ... L96: "x-javascript-user-agent": "google-api-javascript-client/1.1.0", L97: "x-goog-encode-response-if-executable": "base64", L98: Cookie: cookieHeader,
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/src/sites/voice.google.com/api/voice-helpers.jsView on unpkg · L2
dist/src/core/context.jsView file
matchType = previous_version_dangerous_delta matchedPackage = website-api@1.2.1 matchedIdentity = npm:d2Vic2l0ZS1hcGk:1.2.1 similarity = 0.977 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/src/core/context.jsView on unpkg
135browser, L136: async eval(fn, arg) { L137: const page = await browser();
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/src/core/context.jsView on unpkg · L135
dist/src/core/registry.jsView file
308try { L309: mod = await import(pathToFileURL(filePath).href); L310: }
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/src/core/registry.jsView on unpkg · L308
dist/src/capabilities/login/login-helper.jsView file
154patternName = generic_password severity = medium line = 154 matchedText = console....'`);
Medium
Secret Pattern

Hardcoded password in dist/src/capabilities/login/login-helper.js

dist/src/capabilities/login/login-helper.jsView on unpkg · L154
dist/src/sites/voice.google.com/api/voice-helpers.d.tsView file
12patternName = google_api_key severity = high line = 12 matchedText = export d...Bg";
High
Secret Pattern

Google API key in dist/src/sites/voice.google.com/api/voice-helpers.d.ts

dist/src/sites/voice.google.com/api/voice-helpers.d.tsView on unpkg · L12

Findings

1 Critical3 High4 Medium6 Low
CriticalPrevious Version Dangerous Deltadist/src/core/context.js
HighHigh Secretdist/src/sites/voice.google.com/api/voice-helpers.js
HighSecret Patterndist/src/sites/voice.google.com/api/voice-helpers.js
HighSecret Patterndist/src/sites/voice.google.com/api/voice-helpers.d.ts
MediumDynamic Requiredist/src/core/registry.js
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndist/src/capabilities/login/login-helper.js
LowScripts Present
LowEvaldist/src/core/context.js
LowWeak Cryptodist/src/sites/voice.google.com/api/voice-helpers.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings