AI Security Review
scanned 1d ago · by lpm-firewall-aiInstall-time lifecycle code initializes telemetry with the package author's hardcoded Sentry DSN, fetches the install host public IP, captures a test exception, and flushes it. This creates unconsented install-time network reporting from the consumer environment.
Decision evidence
public snapshot- package.json preinstall runs npm install @sentry/node && node examples/verify.js during consumer install
- examples/verify.js calls init() with no DSN, so src/index.js falls back to a hardcoded Sentry DSN
- examples/verify.js calls setUserFromPublicIp with Cloudflare trace URL during preinstall
- examples/verify.js intentionally triggers an exception via check() and flushes Sentry events during preinstall
- src/index.js defaults sendDefaultPii: true and reports captured exceptions to Sentry
- No child_process beyond declared lifecycle command, eval/vm/Function, native/binary loading, persistence, destructive writes, or AI-agent control-surface writes found
- Runtime logging API is package-aligned when explicitly used by an application
Source & flagged code
4 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
src/index.jsView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
src/index.jsView on unpkg