registry  /  norma-design-lint  /  1.23.2

norma-design-lint@1.23.2

Lint HTML/CSS against the Norma web design standard — contrast, focus rings, semantic HTML, labels, reduced-motion, and the common AI-generated design tells.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `norma-design-lint init`.
Impact
Can alter AI-agent guidance and CI configuration in the current project after user invocation.
Mechanism
Explicit project scaffolding writes agent instructions and workflow files.
Rationale
No concrete malicious chain was found, but explicit creation of a root AI-agent control file warrants a non-blocking warning under the stated policy.
Evidence
package.jsondist/cli.jsdist/init.jsdist/mcp.js.normarc.json.github/workflows/design-lint.ymlAGENTS.mddist/agents/AGENTS.md

Decision evidence

public snapshot
AI called this Suspicious at 90.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `dist/cli.js` exposes explicit `init` command.
  • `dist/init.js` writes `AGENTS.md` into caller cwd.
  • `dist/init.js` writes `.github/workflows/design-lint.yml`.
  • Bundled `dist/agents/AGENTS.md` is copied by init.
Evidence against
  • `package.json` has no preinstall/install/postinstall hooks.
  • Writes require explicit `norma-design-lint init` invocation.
  • MCP server in `dist/mcp.js` is stdio-only.
  • No network client, shell execution, eval, or credential harvesting found.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystem
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 23 file(s), 154 KB of source, external domains: github.com, json.schemastore.org

Source & flagged code

1 flagged · loading source
dist/checks/helpers.jsView file
matchType = previous_version_dangerous_delta matchedPackage = norma-design-lint@1.23.1 matchedIdentity = npm:bm9ybWEtZGVzaWduLWxpbnQ:1.23.1 similarity = 0.944 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/checks/helpers.jsView on unpkg

Findings

1 High1 Medium4 Low
HighPrevious Version Dangerous Deltadist/checks/helpers.js
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings