registry  /  norma-design-lint  /  1.21.0

norma-design-lint@1.21.0

Lint HTML/CSS against the Norma web design standard — contrast, focus rings, semantic HTML, labels, reduced-motion, and the common AI-generated design tells.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package reads lint inputs and provides user-invoked local writes for scaffolding, fixes, and baselines.

Static reason
No blocking static signals were detected.
Trigger
User runs `norma-design-lint init`, `--fix`, or `--update-baseline`.
Impact
May create or overwrite user-selected project files only when explicitly invoked; no install-time execution or network exfiltration is present.
Mechanism
Explicit local linting and project scaffolding.
Rationale
Source inspection shows a local design linter with no install lifecycle execution, networking, payload execution, or stealth persistence. Its agent-file and CI scaffolding are explicit user-command behavior and skip existing files by default.
Evidence
package.jsondist/cli.jsdist/init.jsdist/mcp.jsdist/index.jsdist/agents/AGENTS.md.normarc.json.github/workflows/design-lint.ymlAGENTS.md.norma-baseline.json

Decision evidence

public snapshot
AI called this Clean at 98.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `dist/init.js` can scaffold `AGENTS.md` and a GitHub Actions workflow, but only through the explicit `init` command.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or prepare hook.
  • `dist/mcp.js` is a stdio-only JSON-RPC lint server; no network client primitives found.
  • No child-process, eval/vm, dynamic module loading, native binary loading, or credential harvesting found in `dist/*.js`.
  • `dist/cli.js` writes only for explicit `init`, `--fix`, or `--update-baseline` actions.
  • `dist/init.js` skips existing files unless the user explicitly passes `--force`.
  • Bundled agent files contain design/accessibility guidance, not control-surface or exfiltration instructions.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystem
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 19 file(s), 146 KB of source, external domains: github.com, json.schemastore.org

Source & flagged code

1 flagged · loading source
dist/init.jsView file
Published source reference
Low
Ai Review Evidence

`dist/init.js` can scaffold `AGENTS.md` and a GitHub Actions workflow, but only through the explicit `init` command.

dist/init.jsView on unpkg

Findings

1 Medium5 Low
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowAi Review Evidencedist/init.js