AI Security Review
scanned 3h ago · by lpm-firewall-aiInstall-time execution sends a deliberately generated error event to a package-controlled Sentry project. It first queries a Cloudflare trace endpoint and associates the installer machine's public IP with the Sentry user context.
Decision evidence
public snapshot- package.json preinstall runs `npm install` then `examples/verify.js`.
- examples/verify.js initializes a hard-coded Sentry DSN, resolves public IP, and flushes an error event during install.
- src/index.js defaults Sentry to `sendDefaultPii: true`.
- src/index.js fetches Cloudflare trace endpoints with a browser-like User-Agent and attaches the resolved IP to Sentry.
- Inspected package contains only manifest, README, source, declarations, and verify example.
- No filesystem harvesting, shell execution beyond the declared lifecycle command, eval, dynamic loading, persistence, or AI-agent configuration writes found.
- Runtime reporting APIs require explicit consumer calls; install behavior is confined to the verification script.
Source & flagged code
4 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
src/index.jsView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
src/index.jsView on unpkg