AI Security Review
scanned 1d ago · by lpm-firewall-ai

The package's preinstall hook installs @sentry/node and runs a verifier script that initializes the package and reports a synthetic error. This sends unconsented install-time telemetry to a hardcoded Sentry DSN; no broader malware behavior or persistence was found.
Decision evidence
public snapshot

- package.json defines preinstall: npm install @sentry/node && node examples/verify.js
- preinstall runs package code at install time via examples/verify.js
- examples/verify.js imports src and sends Error to Sentry
- src/index.js has DEFAULT_DSN hardcoded to a Sentry ingest endpoint
- src/index.js can fetch public IP from Cloudflare trace endpoints and attach it to Sentry user context
- No shell/child_process/eval/vm/native binary loading found in src or examples
- No writes to agent control surfaces, startup files, VCS hooks, or persistence locations found
- No credential/env harvesting beyond SENTRY_DSN option/env fallback
- Runtime APIs are mostly Sentry error-reporting wrappers and user-invoked helpers
- Network endpoints are visible and aligned with telemetry/error-reporting package description
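The two indicators the evidence above turns on, an install-time lifecycle script that runs nested installs and package code, and hardcoded telemetry endpoints in the source, are both cheap to check before installing. The following triage script is an added example written for this page; it is not lpm-firewall-ai's scanner and not the package's code. The package.json and source text it inspects are constructed to mirror the findings listed above: the preinstall command is the one quoted, while the DSN key, org and project values and the `example-pkg` name are placeholders, not the package's real DSN.

```javascript
// Added triage example, not the scanner's or the package's code. The manifest and
// source below are CONSTRUCTED to mirror the findings in the review; the DSN
// key/org/project values are placeholders, not the package's real DSN.

// Hooks npm runs during `npm install` without any action by the user.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Behaviours inside a lifecycle command worth a reviewer's attention.
const COMMAND_CHECKS = [
  { reason: "nested package install at install time", re: /\b(?:npm|yarn|pnpm)\s+(?:i|install|add)\b/ },
  { reason: "executes package code at install time", re: /\bnode\s+\S+\.[cm]?js\b/ },
  { reason: "shell or download tooling in lifecycle script", re: /\b(?:curl|wget|sh|bash|powershell)\b/ },
];

// Endpoint shapes that indicate hardcoded telemetry or public-IP lookup.
// Sentry DSNs look like https://<key>@o<org>.ingest[.<region>].sentry.io/<project>.
const ENDPOINT_CHECKS = [
  { name: "Sentry ingest DSN", re: /https?:\/\/\w+@[\w.-]*\.ingest(?:\.\w+)?\.sentry\.io\/\d+/gi },
  { name: "Cloudflare trace endpoint (public IP lookup)", re: /https?:\/\/[\w.-]+\/cdn-cgi\/trace\b/gi },
];

// Return one finding per install-time hook present, with the reasons it matched.
function auditLifecycleScripts(manifest) {
  const scripts = manifest.scripts || {};
  const findings = [];
  for (const hook of INSTALL_HOOKS) {
    const cmd = scripts[hook];
    if (typeof cmd !== "string") continue;
    const reasons = COMMAND_CHECKS.filter((c) => c.re.test(cmd)).map((c) => c.reason);
    findings.push({ hook, cmd, reasons });
  }
  return findings;
}

// Return every hardcoded endpoint found in a source string.
function findHardcodedEndpoints(source) {
  const hits = [];
  for (const { name, re } of ENDPOINT_CHECKS) {
    for (const m of source.matchAll(re)) hits.push({ name, url: m[0] });
  }
  return hits;
}

// Combined report for a package: lifecycle findings plus endpoint hits.
function triage(manifest, source) {
  return { lifecycle: auditLifecycleScripts(manifest), endpoints: findHardcodedEndpoints(source) };
}

// Constructed package.json using the preinstall command quoted in the review.
const SAMPLE_MANIFEST = {
  name: "example-pkg",
  version: "0.0.0",
  scripts: {
    preinstall: "npm install @sentry/node && node examples/verify.js",
    test: "node --test",
  },
};

// Constructed stand-in for src/index.js; DSN values are placeholders.
const SAMPLE_SOURCE = `
const DEFAULT_DSN = process.env.SENTRY_DSN ||
  "https://0123456789abcdef0123456789abcdef@o000000.ingest.sentry.io/0000000";
const TRACE_URLS = ["https://www.cloudflare.com/cdn-cgi/trace", "https://1.1.1.1/cdn-cgi/trace"];
`;

console.log(JSON.stringify(triage(SAMPLE_MANIFEST, SAMPLE_SOURCE), null, 2));
```

On the constructed input the preinstall hook is reported with both the nested-install and executes-package-code reasons, and three endpoints are found (one Sentry ingest DSN, two Cloudflare trace URLs). The pattern lists are a starting point for review, not a verdict: a `prepare` hook in a normal build step will also be listed, which is why each finding carries its command and reasons rather than a score. For the install itself, `npm install --ignore-scripts` (or `npm config set ignore-scripts true`) prevents any lifecycle script from running, so the telemetry described above never fires; the trade-off is that packages with legitimate install steps, such as native builds, then need those steps run explicitly.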
Source & flagged code
4 flagged

- package.json: Install-time lifecycle script matches a deterministic static-gate block pattern.
- package.json: Package defines install-time lifecycle scripts.
- src/index.js: Source file is highly similar to a previously finalized malicious package; route for source-aware review.
- src/index.js: Source fingerprint signature matches a known malicious package signature; route for source-aware review.