registry  /  nodemon-plint  /  0.0.1-security

nodemon-plint@0.0.1-security

security holding package

AI Security Review

scanned 1h ago · by lpm-firewall-ai

No confirmed attack surface in this package version. It is a metadata-only holding package with documentation.

Static reason
No blocking static signals were detected.
Trigger
None
Impact
No source-established impact
Mechanism
No executable behavior
Rationale
Direct inspection found no executable files, lifecycle hooks, dependencies, entrypoints, or malicious behavior. The README describes historical removal but does not establish malicious code in this published version.
Evidence
package.jsonREADME.md

Decision evidence

public snapshot
AI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
  • README.md states this is a security holding package for a previously removed package.
Evidence against
  • package.json contains no scripts, entrypoints, dependencies, or install hooks.
  • Only package.json and README.md are present; neither contains executable payloads or network logic.
Behavioral surface
SourceNo risky source behavior triggered.
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 0 file(s), 0 B of source

Source & flagged code

0 flagged
No flagged code excerpts are attached to this scan.

Findings

2 Low
LowNo License
LowAi Review Evidence