registry  /  ishowfeet8  /  0.0.1-security

ishowfeet8@0.0.1-security

security holding package

AI Security Review

scanned 1h ago · by lpm-firewall-ai

No confirmed attack surface is present in this package version. The package contains only metadata and a non-executable README.

Static reason
No blocking static signals were detected.
Trigger
None; there are no lifecycle hooks, binaries, or runtime entrypoints.
Impact
No source-grounded malicious behavior established.
Mechanism
No executable behavior present.
Rationale
Direct inspection found no install-time, import-time, network, filesystem, shell, or dynamic-execution behavior. The README's historical statement does not establish malicious behavior in the inspected holding-package version.
Evidence
package.jsonREADME.md

Decision evidence

public snapshot
AI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json defines only package metadata; no scripts or entrypoints.
    • Only package.json and README.md are present; no executable, binary, or hidden source files.
    • README.md describes a security holding package and contains no active code or commands.
    Behavioral surface
    SourceNo risky source behavior triggered.
    Supply chainNo supply-chain packaging signals triggered.
    Manifest
    NoLicense
    scanned 0 file(s), 0 B of source

    Source & flagged code

    0 flagged
    No flagged code excerpts are attached to this scan.

    Findings

    1 Low
    LowNo License