AI Security Review
scanned 4h ago · by lpm-firewall-aiNo confirmed attack surface is present in this extracted package. It is a metadata-only holding release.
Static reason
No blocking static signals were detected.
Trigger
None.
Impact
No package-originated code runs or modifies data.
Mechanism
No executable behavior.
Rationale
Direct inspection found only a metadata-only manifest and a holding-package README, with no install hooks or runtime source. The current package version is clean despite the README's historical note about a removed prior package.
Evidence
package.jsonREADME.md
Decision evidence
public snapshotAI called this Clean at 99.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- `package.json` has no scripts, dependencies, entrypoints, or bin.
- Only `README.md` and `package.json` exist; no executable or symlinked files.
- `README.md` describes this release as a security holding placeholder.
- No network, filesystem, shell, dynamic-loading, or AI-agent control code is present.
Behavioral surface
NoLicense
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 Low
LowNo License