[phantomcreds] Credential-handling risks detected in this repository

[tg12]

Credential-handling risk report for anschmieg/cli-proxy-api-plus

phantomcreds detected repo-level code or deployment patterns that warrant maintainer review.

Metric	Value
Scan date	2026-05-18
Composite score	1.000
Findings	5
Issue-worthy findings	4
Discovery sources	auth-bypass, management-cors, token-serialization

Detected finding types: callback_exposure, local_secret_mirror, management_auth_bypass, wildcard_management_cors

Remote token backends still mirror auth material to local spool directories

• Severity: high
• Confidence: confirmed
• Summary: Remote-backed auth storage still creates local auth/config directories, so operator expectations about central-only secret storage are violated.

Evidence:

• internal/store/objectstore.go:26 - objectStoreConfigKey = "config/config.yaml"
• internal/store/objectstore.go:27 - objectStoreAuthPrefix = "auths"
• internal/store/objectstore.go:30 - // ObjectStoreConfig captures configuration for the object storage-backed token store.
• internal/store/postgresstore.go:34 - SpoolDir string

OAuth callback listeners bind broadly and are published in default deployment files

• Severity: medium
• Confidence: confirmed
• Summary: Callback helpers intended for local browser round-trips are reachable beyond loopback by default.

Evidence:

• internal/auth/claude/oauth_server.go:90 - Addr: fmt.Sprintf(":%d", s.port),
• internal/auth/codex/oauth_server.go:87 - Addr: fmt.Sprintf(":%d", s.port),

Management proxy routes bypass API-key authentication

• Severity: high
• Confidence: confirmed
• Summary: The route wrapper skips auth for several management-related prefixes, expanding access to proxy/login functionality.

Evidence:

• internal/api/modules/amp/routes.go:130 - // wrapManagementAuth skips auth for selected management paths while keeping authentication elsewhere.
• internal/api/modules/amp/routes.go:131 - func wrapManagementAuth(auth gin.HandlerFunc, prefixes ...string) gin.HandlerFunc {
• internal/api/modules/amp/routes.go:161 - authWithBypass = wrapManagementAuth(auth, "/threads", "/auth", "/docs", "/settings")

Wildcard CORS is applied to management endpoints

• Severity: high
• Confidence: confirmed
• Summary: Management routes inherit Access-Control-Allow-Origin: * with broad methods and headers, widening the browser attack surface.

Evidence:

• internal/api/server.go:1234 - c.Header("Access-Control-Allow-Origin", "*")
• internal/api/server.go:249 - engine.Use(corsMiddleware())
• internal/api/server.go:571 - mgmt := s.engine.Group("/v0/management")

---

This scan is evidence-first and probabilistic. It is not an accusation of malicious intent.
If any finding is incorrect or outdated, please reply with corrected context and exact file references.

Automated by phantomcreds.
Project repo · Created by James Sawyer at JS Labs.

[tg12]

Scan update: 2026-05-18

This issue remains open. The current scan still observes credential-handling patterns that match the existing report.

• Composite score: 1.000
• Findings: 5
• Issue-worthy findings: 4

Finding types: callback_exposure, local_secret_mirror, management_auth_bypass, wildcard_management_cors

• Remote token backends still mirror auth material to local spool directories
• OAuth callback listeners bind broadly and are published in default deployment files
• Management proxy routes bypass API-key authentication
• Wildcard CORS is applied to management endpoints

Source: phantomcreds by James Sawyer at JS Labs.