registry  /  prettier-plugin-base  /  0.0.1-security

prettier-plugin-base@0.0.1-security

security holding package

AI Security Review

scanned 16h ago · by lpm-firewall-ai

No confirmed attack surface is present in the inspected package. There are no lifecycle hooks, runtime entrypoints, network endpoints, or executable files.

Static reason
No blocking static signals were detected.
Trigger
None
Impact
No package behavior to execute
Mechanism
Metadata-only holding package
Rationale
Static inspection found a metadata-only security holding package with no executable code or install-time behavior. The README's historical statement is not evidence of malicious behavior in this extracted version.
Evidence
package.jsonREADME.md

Decision evidence

public snapshot
AI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json contains only package metadata; no scripts, entrypoints, dependencies, or binaries.
    • README.md describes this release as a security holding placeholder.
    • Package contains only package.json and README.md; no executable source or payload files.
    Behavioral surface
    SourceNo risky source behavior triggered.
    Supply chainNo supply-chain packaging signals triggered.
    Manifest
    NoLicense
    scanned 0 file(s), 0 B of source

    Source & flagged code

    0 flagged
    No flagged code excerpts are attached to this scan.

    Findings

    1 Low
    LowNo License