AI Security Review
scanned 4h ago · by lpm-firewall-aiNo confirmed attack surface is present in this extracted version. It is a metadata-only holding package with no install-time or runtime code.
Static reason
No blocking static signals were detected.
Trigger
None
Impact
No package-originated file, process, network, or agent-control action established.
Mechanism
No executable behavior
Rationale
Direct inspection found no code, lifecycle hooks, entrypoints, dependencies, or executable payloads. The package's README describes a removed-package security placeholder, which is consistent with the inert manifest.
Evidence
package.jsonREADME.md
Decision evidence
public snapshotAI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no lifecycle scripts, entrypoints, dependencies, or bin.
- Package contains only package.json and README.md; no executable source or assets.
- README.md identifies this version as a security holding placeholder.
Behavioral surface
NoLicense
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 Low
LowNo License