registry  /  @flarehr/promoted-benefits-ui  /  1.0.1025

@flarehr/promoted-benefits-ui@1.0.1025

Flare Promoted Benefits

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. The shipped artifact is a browser UI that fetches application-configured benefits and analytics endpoints and reports iframe sizing/session events to its parent.

Static reason
No blocking static signals were detected.
Trigger
Browser loads dist/index.html and a user views or interacts with promoted benefits.
Impact
Expected application functionality and telemetry; no package-side install mutation, local-file access, or payload execution found.
Mechanism
Browser-rendered benefits UI with OAuth/config/API telemetry requests.
Rationale
Direct inspection shows a compiled Preact benefits widget with package-aligned browser requests and telemetry. No concrete malicious behavior or unconsented lifecycle control-surface mutation was found.
Evidence
package.jsondist/index.htmldist/assets/index-Cp3gUDAz.jsREADME.mddist/assets/index-BKQX8kED.css
Network endpoints3
www.datadoghq-browser-agent.com/us1/v5/datadog-rum.jseconnex.com.au/?rc=862160&utm_source=promoted_benefits&utm_medium=fallback&utm_campaign=energy_alwayson&utm_content=energy_intialofferfonts.googleapis.com/css2?family=Inter:wght@100%3B200%3B300%3B400%3B500%3B600%3B700%3B800%3B900&display=fallback

Decision evidence

public snapshot
AI called this Clean at 97.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json only defines a prepare hook invoking husky; no .husky files are shipped.
    • No install-time executable, bin, or Node entrypoint is declared.
    • dist/assets/index-Cp3gUDAz.js contains browser UI requests for config, OAuth, benefits, and promotion analytics.
    • No eval, Function, child_process, filesystem, credential-harvesting, or persistence primitives were found.
    • dist/index.html loads Datadog RUM with input masking; external fallback link targets econnex.com.au.
    Behavioral surface
    Source
    Network
    Supply chain
    HighEntropyStringsMinifiedTrivialUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 1 file(s), 31.2 KB of source, external domains: econnex.com.au, github.com, www.w3.org

    Source & flagged code

    0 flagged
    No flagged code excerpts are attached to this scan.

    Findings

    1 Medium4 Low
    MediumNetwork
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowHigh Entropy Strings
    LowUrl Strings