registry  /  @blockquote-web-components/blockquote-directive-ariaidref-slot  /  1.3.22

@blockquote-web-components/blockquote-directive-ariaidref-slot@1.3.22

This directive creates a slot element, hidden by default, with a specific name and id

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious payload is present in the runtime source. The unresolved risk is an install-time postinstall that invokes npx sort-package-json, which may run or obtain an external formatter during npm install.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install lifecycle postinstall
Impact
Potential install-time execution outside the package's web-component runtime, but no source evidence of exfiltration, persistence, destructive behavior, or control-surface mutation in this package.
Mechanism
install-time npx formatter invocation
Rationale
The package has a real install-time lifecycle risk because it invokes npx from postinstall, but inspected source does not show a concrete malicious chain. Downgrading to warn is appropriate rather than blocking because the runtime code is package-aligned and lacks exfiltration, persistence, destructive behavior, or AI-agent control hijack.
Evidence
package.jsonsrc/index.jssrc/BlockquoteDirectiveAriaidrefSlot.jsREADME.md

Decision evidence

public snapshot
AI called this Suspicious at 82.0% confidence as Unknown with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: npm run sort:package.
  • sort:package runs npx sort-package-json, an install-time external CLI invocation not needed for package runtime.
Evidence against
  • src/index.js only re-exports the directive implementation.
  • src/BlockquoteDirectiveAriaidrefSlot.js imports lit, creates a slot element, and does not use fs, child_process, eval, env access, or runtime network APIs.
  • No credential harvesting, persistence, destructive file operations, native binaries, dynamic require/import, or AI-agent control-surface writes found.
  • Only URLs found are documentation/demo badge links in comments/README, not executed endpoints.
Behavioral surface
SourceNo risky source behavior triggered.
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 2.93 KB of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = npm run sort:package
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = npm run sort:package
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High1 Medium1 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
LowScripts Present