registry  /  node-fsagent  /  4.685.69

node-fsagent@4.685.69

chunk 4.685.69

AI Security Review

scanned 2h ago · by lpm-firewall-ai

The package is an inert opaque-data carrier embedded in metadata. No execution trigger or active exfiltration path is present in the extracted files.

Static reason
No blocking static signals were detected.
Trigger
None in the package as published; the payload is only exposed by reading package metadata.
Impact
No confirmed runtime impact; the concealed binary data could support a later staged-payload chain.
Mechanism
Opaque encoded payload stored in `keywords`.
Rationale
No active malicious behavior executes from this package, but its concealed opaque binary payload is an unresolved staged-payload risk. Flag it for warning rather than blocking.
Evidence
package.jsonindex.js

Decision evidence

public snapshot
AI called this Suspicious at 93.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `package.json` stores 274 opaque Base64-like keyword chunks.
  • Concatenated keywords decode to 48,499 bytes of high-entropy unidentified data.
  • `index.js` is empty, so the opaque payload has no visible legitimate use.
Evidence against
  • `package.json` has no `scripts` lifecycle hooks.
  • No `main`, `module`, `browser`, or `bin` entrypoint is declared.
  • No dependencies, network endpoints, or executable source were found.
  • No install-time, import-time, filesystem, environment, or subprocess behavior is present.
Behavioral surface
SourceNo risky source behavior triggered.
Supply chain
Trivial
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 0 B of source

Source & flagged code

1 flagged · loading source
package.jsonView file
Published source reference
Medium
Ai Review Evidence

`package.json` stores 274 opaque Base64-like keyword chunks.

package.jsonView on unpkg

Findings

3 Medium
MediumAi Review Evidencepackage.json
MediumAi Review Evidence
MediumAi Review Evidence