AI Security Review
scanned 4h ago · by lpm-firewall-aiNo confirmed attack surface is established. Importing the package exposes only fixed-string functions.
Static reason
No blocking static signals were detected.
Trigger
User explicitly imports `prettier-plugin-base` and calls a `line*` function.
Impact
No observed credential access, network activity, persistence, execution, or file mutation.
Mechanism
Static local string-returning exports only.
Rationale
Direct source inspection shows a minimal lyric utility with no install-time or runtime attack behavior. The unrelated dependency declaration is not executed or referenced by this package's source.
Evidence
package.jsonindex.jsREADME.md
OSV Corroboration
OpenSSF/OSVAdvisory
MAL-2026-10430
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in prettier-plugin-base (npm)
Details
The package was found to contain malicious code or consuming dependency that contains malicious code
## Source: ghsa-malware (12e1efa0356d63d986dfc7b5ffb552aedb5341ba76043370f5e4d1a5dff6804e) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
References
Decision evidence
public snapshotAI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- `package.json` has no preinstall/install/postinstall/prepare lifecycle hook.
- `index.js` only exports five synchronous functions returning fixed strings.
- `README.md` documents the same local lyric-returning API.
- No network, filesystem-write, environment, shell, eval, or dynamic-loading primitive appears in package source.
Behavioral surface
Trivial
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 Low
LowScripts Present