registry  /  @lousy-agents/lint  /  5.17.3

@lousy-agents/lint@5.17.3

Programmatic lint API for validating AI coding assistant configurations — skills, agents, hooks, and instructions

AI Security Review

scanned 1h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package activates only when a consumer calls runLint; its normal path validates a target directory and lints agent-related configuration files.

Static reason
High-risk behavior combination matched malicious policy.; previous stored version diff introduced dangerous source
Trigger
Consumer calls runLint with a project directory.
Impact
No unconsented install-time mutation, credential collection, exfiltration, persistence, or remote payload execution was confirmed.
Mechanism
User-invoked project configuration parsing and linting.
Rationale
Scanner hits are bundled dependency capabilities: c12 can optionally resolve a remote config extension and JSON5 contains Unicode character tables. Source inspection found no lifecycle execution or concrete malicious chain in this lint library.
Evidence
package.jsondist/index.jsdist/653.jsdist/913.jsREADME.md

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with high false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall, install, postinstall, bin, or dependency runtime hooks.
    • dist/index.js exports lint APIs and performs no top-level network, process, or filesystem action beyond module setup.
    • runLint validates a caller-supplied directory, loads lint rules, then reads and analyzes selected project configuration files.
    • dist/653.js is lazily loaded only by c12 remote-config extension handling; it is not reached by normal lint execution.
    • dist/913.js Unicode controls are escaped JSON5 Unicode-range data, not executable bidi source text.
    • All dynamic imports resolve to packaged local dist chunks.
    Behavioral surface
    Source
    ChildProcessDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetwork
    Supply chain
    HighEntropyStringsMinifiedObfuscatedUrlStrings
    Manifest
    WildcardDependency
    scanned 10 file(s), 1.93 MB of source, external domains: api.github.com, bitbucket.com, bitbucket.org, blog.stevenlevithan.com, caniuse.com, developer.mozilla.org, git.sr.ht, github.com, gitlab.com, json-schema.org, nodejs.org, raw.githubusercontent.com, spec.commonmark.org, stackoverflow.com, thekevinscott.com, www.unicode.org

    Source & flagged code

    3 flagged · loading source
    dist/653.jsView file
    matchType = previous_version_dangerous_delta matchedPackage = @lousy-agents/lint@5.17.0 matchedIdentity = npm:QGxvdXN5LWFnZW50cy9saW50:5.17.0 similarity = 0.800 summary = stored previous version shares package body but lacks this dangerous source file
    High
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    dist/653.jsView on unpkg
    756const tarDir = parsed.subdir ? (0,external_node_path_.join)(tmpDir, parsed.subdir) : tmpDir; L757: const { create } = await __webpack_require__.e(/* import() */ 316).then(__webpack_require__.bind(__webpack_require__, 5375)).then((n) => n.index_min_exports); L758: status.done();
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    dist/653.jsView on unpkg · L756
    dist/913.jsView file
    21contains invisible/control Unicode U+FEFF (zero width no-break space) `?(c++,l=0):e?l+=e.length:l++,e&&(s+=e.length),e}let S={default(){switch(v){case` `:case`\v`:case`\f`:case` `:case`\xA0`:case`<U+FEFF>`:case`
    Critical
    Trojan Source Unicode

    Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

    dist/913.jsView on unpkg · L21

    Findings

    1 Critical1 High5 Medium5 Low
    CriticalTrojan Source Unicodedist/913.js
    HighPrevious Version Dangerous Deltadist/653.js
    MediumDynamic Requiredist/653.js
    MediumNetwork
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    MediumWildcard Dependency
    LowScripts Present
    LowFilesystem
    LowObfuscated
    LowHigh Entropy Strings
    LowUrl Strings