AI Security Review
scanned 4h ago · by lpm-firewall-aiNo confirmed malicious attack surface. Import-time behavior is limited to a best-effort node:async_hooks import for request scoping; guardrail interception requires an explicit consumer call.
Decision evidence
public snapshot- package.json has no preinstall/install/postinstall or bin hook.
- dist/index.js only registers interceptors when install() or scoped() is called by the consumer.
- dist/rules.js uses zero-width Unicode deliberately in a sanitizer regex, not to conceal control flow.
- dist/embeddings.js dynamically imports only the declared optional @huggingface/transformers peer when localEmbedder() is invoked.
- No child-process, filesystem, environment-harvesting, eval, or outbound-network primitive is present in executable source.
- Hosted-client adapters invoke caller-supplied clients; no package-controlled endpoint or credential handling was found.
Source & flagged code
4 flagged · loading sourcePackage text addresses the security reviewer or scanner and tries to influence the review outcome.
README.mdView on unpkgSource contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/rules.jsView on unpkg · L103A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/rules.jsView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/rules.jsView on unpkg