AI Security Review
scanned 1h ago · by lpm-firewall-aiNo confirmed executable attack surface exists in this published package. It is a holding placeholder with manifest metadata and documentation only.
Static reason
No blocking static signals were detected.
Trigger
None.
Impact
No package-originated runtime, install-time, or import-time action.
Mechanism
No executable behavior.
Rationale
Direct inspection found no code or lifecycle hook to execute malicious behavior. README.md describes a prior removed package, but the reviewed version is inert.
Evidence
package.jsonREADME.md
Decision evidence
public snapshotAI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
- README.md states this is a security holding package replacing removed code.
Evidence against
- package.json has no lifecycle scripts, dependencies, or code entrypoints.
- Package contains only package.json and README.md.
- No executable source, network endpoints, credential access, shell use, or file mutation is present.
Behavioral surface
NoLicense
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
2 Low
LowNo License
LowAi Review Evidence