registry  /  wt-api-shared  /  1.0.135

wt-api-shared@1.0.135

https://www.rabbitmq.com/tutorials/tutorial-two-javascript.html https://www.rabbitmq.com/install-homebrew.html

AI Security Review

scanned 2h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. The package includes a project-local Claude permission allowlist that can weaken command confirmation when this directory is opened in Claude. It also contains an SMTP notification service with embedded credentials.

Static reason
One or more suspicious static signals were detected.
Trigger
Opening the extracted directory in Claude Code; invoking the notification service.
Impact
Selected agent shell commands may be auto-approved; the embedded SMTP account may be exposed or abused.
Mechanism
Agent command pre-authorization and SMTP email delivery.
Rationale
Source inspection found no concrete malicious install/import behavior or payload execution. The embedded AI-agent permission configuration and SMTP credentials create real downstream risk, so a warning is warranted rather than a block.
Evidence
.claude/settings.local.jsonpackage.jsondi/di.jsmodel-services/notification.service.jslibs/access-token.service.jslibs/file.helper.js
Network endpoints2
mail.service-desk.uzamqp://localhost

Decision evidence

public snapshot
AI called this Suspicious at 87.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • .claude/settings.local.json pre-authorizes npm, node, npx, and git Bash commands for Claude.
  • model-services/notification.service.js embeds SMTP account credentials and sends email.
  • di/di.js dynamically requires paths supplied by caller DI configuration.
Evidence against
  • package.json has no preinstall, install, postinstall, or bin lifecycle script.
  • No child_process, eval, vm, obfuscated payload, or remote code-loading primitive was found.
  • Network behavior is application-aligned: SMTP notification, local AMQP, and configured SSO token refresh.
  • Filesystem mutations are upload/image-management and authenticated file-deletion helpers.
Behavioral surface
Source
DynamicRequireEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 144 file(s), 683 KB of source

Source & flagged code

2 flagged · loading source
di/di.jsView file
11try { L12: const item = require(`${process.cwd()}${this.config[itemName].class}`); L13: this.items[itemName] = new item;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

di/di.jsView on unpkg · L11
package.jsonView file
Runtime dependency names matching Node built-ins: crypto, fs, http, path
High
Node Builtin Dependency Squat

Package declares a runtime dependency whose name matches a Node built-in module.

package.jsonView on unpkg

Findings

1 High3 Medium3 Low
HighNode Builtin Dependency Squatpackage.json
MediumDynamic Requiredi/di.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings