Is "@backstage/plugin-auth-node" on n8n Safe to Install?

patriko · n8n · v0.6.14

Risk Assessment

Analyzed
80.81
out of 100
HIGH

119 security findings detected across all analyzers

Severity Breakdown

0
Critical
0
High
45
Medium
74
Low
0
Info

Finding Categories

45
IoC Indicators

YARA Rules Matched

10 rules(59 hits)
postinstall obfuscation postinstall system command postinstall file download postinstall file manipulation postinstall network communication postinstall crypto operations credential env files RedirectToUnknownPath postinstall persistence mechanism postinstall environment access

Detailed Findings

74 total

YARA Rule Matches

10 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs
5
IP Addresses
1
Domains
39
Strings
45

All Indicators · 45

Domain
detected Domain: defaultidentityclient.cjs.js.map

XIOC detected Domain: defaultidentityclient.cjs.js.map

extracted_from_files

Domain
detected Domain: passporthelpers.cjs.js.map

XIOC detected Domain: passporthelpers.cjs.js.map

extracted_from_files

Domain
detected Domain: date.now

XIOC detected Domain: date.now

extracted_from_files

Domain
detected Domain: sendwebmessageresponse.cjs.js.map

XIOC detected Domain: sendwebmessageresponse.cjs.js.map

extracted_from_files

Domain
detected Domain: authprovidersextensionpoint.cjs.js.map

XIOC detected Domain: authprovidersextensionpoint.cjs.js.map

extracted_from_files

Domain
detected Domain: www.apache.org

XIOC detected Domain: www.apache.org

extracted_from_files

IP
detected Domain: authownershipresolutionextensionpoint.cjs.js.map

XIOC detected Domain: authownershipresolutionextensionpoint.cjs.js.map

extracted_from_files

Domain
detected Domain: leading.in

XIOC detected Domain: leading.in

extracted_from_files

Domain
detected Domain: oauthcookiemanager.cjs.js.map

XIOC detected Domain: oauthcookiemanager.cjs.js.map

extracted_from_files

Domain
detected Domain: cookiescopemanager.cjs.js.map

XIOC detected Domain: cookiescopemanager.cjs.js.map

extracted_from_files

Domain
detected Domain: vnd.backstage.limited

XIOC detected Domain: vnd.backstage.limited

extracted_from_files

Domain
detected Domain: index.cjs.js.map

XIOC detected Domain: index.cjs.js.map

extracted_from_files

Domain
detected Domain: decoded.email

XIOC detected Domain: decoded.email

extracted_from_files

Domain
detected Domain: getbearertokenfromauthorizationheader.cjs.js.map

XIOC detected Domain: getbearertokenfromauthorizationheader.cjs.js.map

extracted_from_files

Domain
detected Domain: identityclient.cjs.js.map

XIOC detected Domain: identityclient.cjs.js.map

extracted_from_files

Domain
detected Domain: types.cjs.js.map

XIOC detected Domain: types.cjs.js.map

extracted_from_files

Domain
detected Domain: createoauthroutehandlers.cjs.js.map

XIOC detected Domain: createoauthroutehandlers.cjs.js.map

extracted_from_files

Domain
detected Domain: createoauthproviderfactory.cjs.js.map

XIOC detected Domain: createoauthproviderfactory.cjs.js.map

extracted_from_files

Domain
detected Domain: passportoauthauthenticatorhelper.cjs.js.map

XIOC detected Domain: passportoauthauthenticatorhelper.cjs.js.map

extracted_from_files

Domain
detected Domain: result.params.id

XIOC detected Domain: result.params.id

extracted_from_files

Domain
detected Domain: oauthenvironmenthandler.cjs.js.map

XIOC detected Domain: oauthenvironmenthandler.cjs.js.map

extracted_from_files

Domain
detected Domain: strategy.fail

XIOC detected Domain: strategy.fail

extracted_from_files

Domain
detected Domain: decoded.name

XIOC detected Domain: decoded.name

extracted_from_files

Domain
detected Domain: security.snyk.io

XIOC detected Domain: security.snyk.io

extracted_from_files

URL
detected URL: https://backstage.io

XIOC detected URL: https://backstage.io

extracted_from_files

URL
detected URL: https://github.com/backstage/backstage

XIOC detected URL: https://github.com/backstage/backstage

extracted_from_files

Domain
detected Domain: createsigninresolverfactory.cjs.js.map

XIOC detected Domain: createsigninresolverfactory.cjs.js.map

extracted_from_files

Domain
detected Domain: readdeclarativesigninresolver.cjs.js.map

XIOC detected Domain: readdeclarativesigninresolver.cjs.js.map

extracted_from_files

Domain
detected Domain: backstage.io

XIOC detected Domain: backstage.io

extracted_from_files

Other
detected Email: [email protected]

XIOC detected Email: [email protected]

extracted_from_files

URL
detected URL: https://security.snyk.io/vuln/SNYK-JS-ZOD-5925617

XIOC detected URL: https://security.snyk.io/vuln/SNYK-JS-ZOD-5925617

extracted_from_files

URL
detected URL: http://www.apache.org/licenses/LICENSE-2.0

XIOC detected URL: http://www.apache.org/licenses/LICENSE-2.0

extracted_from_files

URL
detected URL: https://github.com/panva/jose

XIOC detected URL: https://github.com/panva/jose

extracted_from_files

Domain
detected Domain: error.oautherror.data

XIOC detected Domain: error.oautherror.data

extracted_from_files

Domain
detected Domain: state.cjs.js.map

XIOC detected Domain: state.cjs.js.map

extracted_from_files

Domain
detected Domain: createproxyauthproviderfactory.cjs.js.map

XIOC detected Domain: createproxyauthproviderfactory.cjs.js.map

extracted_from_files

Domain
detected Domain: createproxyroutehandlers.cjs.js.map

XIOC detected Domain: createproxyroutehandlers.cjs.js.map

extracted_from_files

Domain
detected Domain: spec.profile.email

XIOC detected Domain: spec.profile.email

extracted_from_files

Domain
detected Domain: commonsigninresolvers.cjs.js.map

XIOC detected Domain: commonsigninresolvers.cjs.js.map

extracted_from_files

Domain
detected Domain: acme.com

XIOC detected Domain: acme.com

extracted_from_files

Domain
detected Domain: profile.email

XIOC detected Domain: profile.email

extracted_from_files

Domain
detected Domain: profile.photos

XIOC detected Domain: profile.photos

extracted_from_files

Domain
detected Domain: profile.photo

XIOC detected Domain: profile.photo

extracted_from_files

Domain
detected Domain: profile.id

XIOC detected Domain: profile.id

extracted_from_files

Domain
detected Domain: preparebackstageidentityresponse.cjs.js.map

XIOC detected Domain: preparebackstageidentityresponse.cjs.js.map

extracted_from_files

Security Analysis Summary

Security Analysis Overview

@backstage/plugin-auth-node is a n8n extension published by patriko. Version 0.6.14 has been analyzed by the Risky Plugins security platform, receiving a risk score of 80.81/100 (HIGH risk) based on 119 security findings.

Risk Assessment

This extension presents critical security risk. Severe issues were detected, potentially including malware indicators, exposed secrets, or dangerous behaviors. Installation is strongly discouraged until these issues are addressed.

Findings Breakdown

  • Medium: 45 finding(s)
  • Low: 74 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

  • Malware Detection: YARA rule matching against 2,400+ malware signatures
  • Secret Detection: Scanning for exposed API keys, tokens, and credentials
  • Static Analysis: Code-level security analysis for common vulnerability patterns
  • Network Analysis: Detection of suspicious network communications and endpoints
  • Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

@backstage/plugin-auth-node is published by patriko on the n8n marketplace.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

@backstage-community/plugin-mcp-chat-backend

patriko

CRITICAL

@backstage-community/plugin-announcements

patriko

HIGH

@backstage/plugin-mcp-actions-backend

patriko

HIGH

@backstage-community/plugin-cost-insights

patriko

HIGH

@backstage-community/plugin-manage-backend

patriko

HIGH

@backstage/plugin-scaffolder-node

patriko

HIGH