AI Security Review
scanned 7h ago · by lpm-firewall-aiNo confirmed attack surface is present in this package version. It contains only metadata and a non-executable README.
Static reason
No blocking static signals were detected.
Trigger
None.
Impact
No package-originated code executes or modifies data.
Mechanism
No install-time or runtime behavior.
Rationale
Direct inspection finds no executable source, lifecycle hook, dependency, or entrypoint. The current published package is a non-executable security holder, so no malicious behavior is established.
Evidence
package.jsonREADME.md
Decision evidence
public snapshotAI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json contains no lifecycle scripts, entrypoints, dependencies, or executable configuration.
- Only package files are package.json and README.md; neither contains executable code or network/credential/file operations.
- README.md describes this as a security holding package and says prior malicious code was removed.
Behavioral surface
NoLicense
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 Low
LowNo License