registry  /  @flarehr/promoted-benefits-ui  /  1.0.1014

@flarehr/promoted-benefits-ui@1.0.1014

Flare Promoted Benefits

AI Security Review

scanned 5d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The browser UI loads observability/font resources and calls configured promotion backends during normal rendering.

Static reason
No blocking static signals were detected.
Trigger
Browser loads the promoted-benefits component
Impact
Normal product rendering and telemetry; no install-time or host-level mutation found
Mechanism
Runtime configuration, authenticated promotion API requests, and UI analytics
Rationale
Static inspection supports a normal embedded promoted-benefits web UI. Its network behavior is package-aligned and no concrete malicious chain or install-time host mutation is present.
Evidence
package.jsondist/index.htmldist/assets/index-CAJ4EMsc.jsdist/assets/index-BKQX8kED.cssREADME.md
Network endpoints3
www.datadoghq-browser-agent.com/us1/v5/datadog-rum.jsfonts.googleapis.com/css2?family=Inter:wght@100%3B200%3B300%3B400%3B500%3B600%3B700%3B800%3B900&display=fallbackeconnex.com.au/?rc=862160&utm_source=promoted_benefits&utm_medium=fallback&utm_campaign=energy_alwayson&utm_content=energy_intialoffer

Decision evidence

public snapshot
AI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • `package.json` declares only `prepare: husky`; no preinstall/install/postinstall hook.
    • Package contents are static `dist/` browser assets plus images; no executable binaries or source-side file tooling.
    • `dist/assets/index-CAJ4EMsc.js` fetches runtime config and promotion APIs using supplied access tokens for the advertised UI.
    • No credential harvesting, filesystem writes, shell execution, dynamic code evaluation, or persistence was found.
    • `dist/index.html` loads Datadog RUM with masked user-input privacy settings; CSS loads a Google font.
    Behavioral surface
    Source
    Network
    Supply chain
    HighEntropyStringsMinifiedTrivialUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 1 file(s), 31.2 KB of source, external domains: econnex.com.au, github.com, www.w3.org

    Source & flagged code

    0 flagged
    No flagged code excerpts are attached to this scan.

    Findings

    1 Medium4 Low
    MediumNetwork
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowHigh Entropy Strings
    LowUrl Strings