registry  /  nottuff11  /  0.0.1-security

nottuff11@0.0.1-security

security holding package

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed attack surface exists in this extracted version. It contains metadata and a holding notice only.

Static reason
No blocking static signals were detected.
Trigger
None.
Impact
No source-backed malicious impact identified.
Mechanism
No executable package behavior.
Rationale
Direct inspection shows that nottuff11@0.0.1-security is a non-executable security holding package with no lifecycle hooks or source files. The README's historical statement does not establish malicious behavior in this published version.
Evidence
package.jsonREADME.md

Decision evidence

public snapshot
AI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no scripts, dependencies, or entrypoints.
    • Package contains only package.json and README.md.
    • No install-time, import-time, network, shell, or file-write code is present.
    • README.md describes this version as a security holding placeholder.
    Behavioral surface
    SourceNo risky source behavior triggered.
    Supply chainNo supply-chain packaging signals triggered.
    Manifest
    NoLicense
    scanned 0 file(s), 0 B of source

    Source & flagged code

    0 flagged
    No flagged code excerpts are attached to this scan.

    Findings

    1 Low
    LowNo License