AI Security Review
scanned 4d ago · by lpm-firewall-aiNo confirmed attack surface: this package is an offline Markdown knowledge corpus with no lifecycle hooks or executable entrypoints. The scanner secret hit is a teaching example, not an active credential or behavior.
Decision evidence
public snapshot- security/04-antipatterns/security-coding-antipatterns.md contains dummy AWS-looking strings in a documented "bad" example.
- package.json has no scripts, main, module, browser, bin, or dependencies.
- package.json files allowlist is Markdown only: "**/*.md".
- rg --files -uu shows package content is package.json plus Markdown knowledge documents.
- No non-Markdown executable source files found by find.
- Secret-like strings are clearly labeled sample antipattern code using EXAMPLE placeholders.
- Network URLs and shell commands appear in documentation examples/playbooks, not executable package code.
Source & flagged code
28 flagged · loading sourcePackage contains a critical-looking secret pattern.
security/04-antipatterns/security-coding-antipatterns.mdView on unpkg · L33AWS access key ID in security/04-antipatterns/security-coding-antipatterns.md
security/04-antipatterns/security-coding-antipatterns.mdView on unpkg · L33Hardcoded password in devops/01-standards/terraform-complete.md
devops/01-standards/terraform-complete.mdView on unpkg · L2020Hardcoded password in devops/01-standards/terraform-complete.md
devops/01-standards/terraform-complete.mdView on unpkg · L2023Hardcoded password in cloud-native/04-antipatterns/k8s-antipatterns.md
cloud-native/04-antipatterns/k8s-antipatterns.mdView on unpkg · L443Hardcoded password in cloud-native/04-antipatterns/k8s-antipatterns.md
cloud-native/04-antipatterns/k8s-antipatterns.mdView on unpkg · L456Hardcoded password in cloud-native/01-standards/kubernetes-complete.md
cloud-native/01-standards/kubernetes-complete.mdView on unpkg · L457Hardcoded password in cloud-native/01-standards/container-security.md
cloud-native/01-standards/container-security.mdView on unpkg · L355Hardcoded password in cloud-native/02-playbooks/gitops-with-argocd.md
cloud-native/02-playbooks/gitops-with-argocd.mdView on unpkg · L606Hardcoded password in cloud-native/02-playbooks/terraform-iac-playbook.md
cloud-native/02-playbooks/terraform-iac-playbook.mdView on unpkg · L107Hardcoded password in frontend/01-standards/react-hooks-complete.md
frontend/01-standards/react-hooks-complete.mdView on unpkg · L799Hardcoded password in security/secrets-management.md
security/secrets-management.mdView on unpkg · L58Hardcoded password in security/secrets-management.md
security/secrets-management.mdView on unpkg · L331AWS access key ID in development/04-antipatterns/security-antipatterns.md
development/04-antipatterns/security-antipatterns.mdView on unpkg · L28Hardcoded password in development/01-standards/oauth2-complete.md
development/01-standards/oauth2-complete.mdView on unpkg · L254Hardcoded password in development/01-standards/postgresql-complete.md
development/01-standards/postgresql-complete.mdView on unpkg · L378Hardcoded password in backend/04-antipatterns/backend-antipatterns.md
backend/04-antipatterns/backend-antipatterns.mdView on unpkg · L949Hardcoded password in backend/01-standards/nestjs-complete.md
backend/01-standards/nestjs-complete.mdView on unpkg · L1624Hardcoded password in backend/01-standards/django-complete.md
backend/01-standards/django-complete.mdView on unpkg · L1155Hardcoded password in backend/01-standards/django-complete.md
backend/01-standards/django-complete.mdView on unpkg · L1184Hardcoded password in testing/02-playbooks/e2e-testing-playbook.md
testing/02-playbooks/e2e-testing-playbook.mdView on unpkg · L601Hardcoded password in data-engineering/01-standards/airflow-complete.md
data-engineering/01-standards/airflow-complete.mdView on unpkg · L477Hardcoded password in experts/qa-lead/test-strategy.md
experts/qa-lead/test-strategy.mdView on unpkg · L68Hardcoded password in data/01-standards/redis-complete.md
data/01-standards/redis-complete.mdView on unpkg · L552Hardcoded password in data/01-standards/redis-complete.md
data/01-standards/redis-complete.mdView on unpkg · L556Hardcoded password in data/01-standards/redis-complete.md
data/01-standards/redis-complete.mdView on unpkg · L595Hardcoded password in data/01-standards/postgresql-complete.md
data/01-standards/postgresql-complete.mdView on unpkg · L764Hardcoded password in data/01-standards/postgresql-complete.md
data/01-standards/postgresql-complete.mdView on unpkg · L767