registry  /  node-fsagent  /  4.685.65

node-fsagent@4.685.65

chunk 4.685.65

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No executable attack path is currently wired into installation or runtime. `package.json` contains an inert opaque 51,200-byte payload embedded in keywords, making it a staged-payload carrier.

Static reason
No blocking static signals were detected.
Trigger
No current trigger; the payload is not referenced by executable package code.
Impact
No observed execution or exfiltration, but concealed payload could support a later malicious release or loader.
Mechanism
Opaque high-entropy Base64 data concealed in manifest keywords.
Rationale
Source inspection finds no active malicious behavior, but a large opaque payload concealed in `package.json` is inconsistent with a benign empty package. Treat as a non-blocking staged-payload carrier.
Evidence
package.jsonindex.js

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Unknown with low false-positive risk.
Evidence for warning
  • `package.json` stores 274 Base64-only keyword strings.
  • Concatenated keywords decode to 51,200 bytes of high-entropy opaque data.
  • The opaque payload has no package-aligned functional purpose or source reference.
Evidence against
  • `package.json` has no lifecycle scripts, entrypoints, bin, or dependencies.
  • `index.js` exists but is empty.
  • No network, shell, credential, filesystem-write, or agent-control code is present.
Behavioral surface
SourceNo risky source behavior triggered.
Supply chain
Trivial
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 0 B of source

Source & flagged code

1 flagged · loading source
package.jsonView file
Published source reference
Medium
Ai Review Evidence

`package.json` stores 274 Base64-only keyword strings.

package.jsonView on unpkg

Findings

3 Medium
MediumAi Review Evidencepackage.json
MediumAi Review Evidence
MediumAi Review Evidence