AI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence against
- package.json has no preinstall/install/postinstall lifecycle hook.
- dist/index.js is the declared CLI/MCP entrypoint and sends tool requests only through configured Elixium API base URL.
- dist/outbound-auth.js forwards request bearer/API-key credentials only to that axios client; no harvesting or unrelated exfiltration found.
- No child-process, shell, eval/vm, dynamic loader, or destructive filesystem APIs found in package files.
- dist/index.js writes only bundled workflow templates when the user explicitly invokes the init command.
Behavioral surface
SourceCryptoEnvironmentVarsFilesystemNetwork
Supply chainHighEntropyStringsUrlStrings
scanned 22 file(s), 275 KB of source, external domains: connect.elixium.ai, elixium.ai