Skip to content

[MASTER] Complete AI Slop Intelligence Dashboard: 15 critical/high findings — fabricated intel, live credentials, unauthenticated Telegram abuse, nuclear targeting data, PII exposure #71

Description

@tg12

Summary

This repository is a textbook example of an AI-generated "intelligence dashboard" that has been deployed to production without any security review, data integrity standards, or engineering discipline. It presents itself as a real-time global intelligence platform but is largely a fabrication engine wrapped in a military-aesthetic UI. It contains live credentials, unauthenticated endpoints that abuse real Telegram users, committed PII, open SSRF vectors, public nuclear facility targeting data, and systematic fabrication of war events attributed to Reuters and Al Jazeera.

This issue is the index for all P0/P1 findings filed as part of the AI Slop Intelligence Dashboard Awareness Programme.

Programme: https://labs.jamessawyer.co.uk/ai-slop-intelligence-dashboards/


The Core Problem

This codebase was almost certainly vibe-coded by an LLM with minimal human review. The evidence:

  • Every "live" data feed that required real API keys or complex integration was quietly replaced with Math.random() and hardcoded arrays, but kept the source: "NASA FIRMS" / source: "UNHCR" attribution.
  • TypeScript build errors were suppressed with ignoreBuildErrors: true rather than fixed.
  • FALLBACK_SIGNALS contains fully fabricated military escalation events ("Israel launches airstrikes on Iranian nuclear facilities") attributed to Reuters, timestamped new Date(Date.now() - 5 * 60 * 1000) so they always read as "5 minutes ago."
  • A real Telegram bot token was committed to .env.local AND a second live token was committed to .env.example (the template file that's supposed to have placeholders).
  • Four private individuals' full names and Telegram IDs were committed to source code as inline comments.
  • Authentication was "implemented" on zero of the notification/alert/webhook endpoints.
  • The DEFCON level is permanently hardcoded to 3 with lastUpdated: new Date().toISOString() to fake liveness.

Filed Issues Index

# Title Severity
#56 Live Telegram bot tokens in .env.local and .env.example Critical
#57 Unauthenticated POST /api/notify — public Telegram broadcast Critical
#58 PII: 4 real individuals' names and Telegram IDs in source code High
#59 Telegram webhook /api/telegram — no signature verification High
#60 /api/alerts — unauthenticated Telegram spammer + SSRF relay Critical
#61 /api/infrastructure — nuclear weapons coords, IRAN_TARGETS, cable routes, public/unauthenticated Critical
#62 5 endpoints fabricate data attributed to NASA/UNHCR/Kalshi/NetBlocks High
#63 Wildcard Cache-Control: public on all /api/* including notification endpoints High
#64 typescript ignoreBuildErrors: true — type safety fully disabled in production High
#65 /api/health-proxy strips X-Frame-Options and CSP from upstream, serves third-party HTML under app origin High
#66 /api/signals FALLBACK_SIGNALS — fabricated CRITICAL war events attributed to Reuters/Al Jazeera fire real Telegram notifications Critical
#67 /api/live-streams hardcodes internal CDN HLS URLs for Sky News, Al Jazeera, DW, France 24 — unauthorised rebroadcast High
#68 /api/defcon hardcodes DEFCON 3 with fake live timestamp — classified level misrepresented as intelligence High
#69 In-memory rate limiter non-functional on serverless, bypassed via X-Forwarded-For, missing from 25/30 routes High
#70 No Content-Security-Policy — RSS entity decode + third-party scripts leave XSS fully unmitigated High

Previously filed by other auditors (not duplicated):

# Title
#53 /api/twitter fabricates engagement metrics and injects fallback posts
#54 /api/flights returns simulated military aircraft when OpenSky unavailable
#55 Rate-limit helper exists but most routes never apply it

What Needs to Happen

Before this application should be considered safe to operate:

  1. Immediate: Revoke both Telegram bot tokens (see Live Telegram bot tokens committed to public repo in .env.local and .env.example — immediate revocation required #56). They are live and publicly readable.
  2. Immediate: Remove PII from source code and rewrite git history (see PII violation: real names and Telegram user IDs of 4 private individuals committed in plain text to public repo #58).
  3. Immediate: Add authentication to /api/notify, /api/alerts, /api/telegram, /api/infrastructure (see Unauthenticated POST /api/notify allows anyone to broadcast arbitrary Telegram messages to all subscribers #57, Telegram webhook /api/telegram has no signature verification — forged payloads cause bot to message arbitrary users #59, Unauthenticated /api/alerts is a public Telegram spammer and SSRF relay — action:test sends to any user, action:create webhook hits any URL #60, Unauthenticated /api/infrastructure serves nuclear weapons facility coordinates, ICBM sites, undersea cable routes and an IRAN_TARGETS layer to anyone #61).
  4. Short term: Delete or gate the IRAN_TARGETS layer and nuclear weapons coordinate data (see Unauthenticated /api/infrastructure serves nuclear weapons facility coordinates, ICBM sites, undersea cable routes and an IRAN_TARGETS layer to anyone #61).
  5. Short term: Delete all fabricated fallback data attributed to real news organisations (see /api/signals FALLBACK_SIGNALS injects fabricated CRITICAL war events attributed to Reuters and Al Jazeera — triggers real Telegram notifications on RSS failure #66).
  6. Short term: Remove or replace the fabricated data endpoints (see 5 endpoints (/api/fires, /api/outages, /api/supply-chain, /api/displacement, /api/kalshi) return fabricated data attributed to NASA, UNHCR, Kalshi, NetBlocks with no disclosure #62).
  7. Medium term: Fix TypeScript (see typescript: ignoreBuildErrors: true silently suppresses all type errors in production builds — type safety fully disabled #64), add CSP (see No Content-Security-Policy header anywhere — RSS entity decoding + third-party scripts leave XSS fully unmitigated #70), fix the rate limiter (see In-memory rate limiter non-functional on serverless, trivially bypassed via X-Forwarded-For, and missing from ~25 of 30 API routes #69), fix the cache policy (see next.config.mjs wildcard Cache-Control: public applied to all /api/* routes including notification, alert, and Telegram endpoints #63), remove the health proxy (see Unauthenticated /api/health-proxy actively strips X-Frame-Options and CSP from upstream responses and serves third-party HTML under application origin #65).

This master issue was filed as part of the AI Slop Intelligence Dashboard Awareness Program — a public interest effort to identify and document AI-generated "intelligence dashboards" that present fabricated data as real-time intelligence, expose user PII, and ship with critical security vulnerabilities.

Programme: https://labs.jamessawyer.co.uk/ai-slop-intelligence-dashboards/
Audit conducted by: https://github.com/jamessawyer

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions