AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is an explicitly run HTTP/MCP payment-screening service with package-aligned persistence and network calls.
Decision evidence
public snapshot- `package.json` has no preinstall/install/postinstall lifecycle hooks.
- `dist/src/detectors/injection.js` uses invisible Unicode only in regexes that detect hidden input text.
- No child-process, shell, eval/vm, dynamic module-loading, native, or binary-loading primitives were found.
- `dist/mcp/server.js` makes API requests only after an explicit MCP tool invocation.
- `dist/src/store.js` persists service state under configured `DATA_DIR`; no foreign AI-agent config paths are referenced.
- `dist/src/index.js` starts the Express service only when its runtime entrypoint is launched.
Source & flagged code
2 flagged · loading sourceSource contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/src/detectors/injection.jsView on unpkg · L9A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/src/detectors/injection.jsView on unpkg