
Module content_sniff



Lightweight content scanner for dependency lifecycle script bodies.

Pattern-matches dangerous shapes — shell-pipe (curl … | sh), base64-deobfuscation (eval(atob(…))), credential-file reads (~/.ssh, ~/.npmrc), secret-shaped process.env reads, exfiltration endpoints (Discord/Telegram webhooks, OAST hosts, bare-IP HTTP) — in a package’s preinstall / install / postinstall scripts. Fired before the user is prompted to approve a build so the prompt can carry more than just name@version.

Pure regex matching — no AST parse, no shell-quoting awareness. False positives are possible (an SDK that legitimately hits a Discord webhook from a postinstall would flag), but lifecycle script bodies are short and almost never contain bare curl … | sh legitimately, so the FP rate is low in practice.

Sniffing is advisory: it never blocks an install or write. The existing BuildPolicy allowlist remains the only gate on whether scripts actually execute.

Structs

Suspicion
One match against a script body.

Enums

SuspicionKind
Why a script body got flagged. Each variant carries a one-line description for the user-facing warning and a category tag used by interactive surfaces (aube approve-builds picker labels) that need a short marker.

Functions

sniff_lifecycle
Scan a dep’s manifest for suspicious lifecycle script bodies. Returns one Suspicion per (hook, rule) pair that matched. Empty result for packages with no scripts or no matches.
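As an added example (not the crate's own code, which is regex-based): a std-only sketch of the rule shapes described above and of the per-(hook, rule) result `sniff_lifecycle` returns, with substring checks standing in for regexes. The variant names, the indicator lists, the `sniff_script` helper and the `scripts` slice input are assumptions, not the module's API.

```rust
// Added illustration, not the module's own code: substring checks approximate the regex
// rules, and the indicator lists are assumed (the real patterns may differ).
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum SuspicionKind { ShellPipe, Base64Eval, CredentialFileRead, SecretEnvRead, ExfilEndpoint }
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Suspicion { pub hook: String, pub kind: SuspicionKind }

const LIFECYCLE_HOOKS: [&str; 3] = ["preinstall", "install", "postinstall"];
const EXFIL_HOSTS: [&str; 4] = ["discord.com/api/webhooks", "api.telegram.org/bot", "interact.sh", "burpcollaborator.net"];
const SECRET_WORDS: [&str; 4] = ["TOKEN", "SECRET", "KEY", "PASSWORD"];

fn reads_secret_env(body: &str) -> bool {
    // Take the identifier after each `process.env.` and test it for a secret-shaped name.
    body.split("process.env.").skip(1).any(|rest| {
        let name: String = rest.chars().take_while(|c| c.is_ascii_alphanumeric() || *c == '_').collect();
        let upper = name.to_ascii_uppercase();
        SECRET_WORDS.iter().any(|w| upper.contains(*w))
    })
}

fn hits_bare_ip(body: &str) -> bool {
    // `http://` followed by a dotted-quad host: no hostname to attribute, no TLS.
    body.match_indices("http://").any(|(i, _)| {
        let host = body[i + 7..].split(|c: char| c == '/' || c == ':' || c.is_whitespace() || c == '"' || c == '\'').next().unwrap_or("");
        let octets: Vec<&str> = host.split('.').collect();
        octets.len() == 4 && octets.iter().all(|o| !o.is_empty() && o.chars().all(|c| c.is_ascii_digit()))
    })
}

/// One Suspicion per rule that matched, for a single hook body (advisory only: nothing is blocked).
pub fn sniff_script(hook: &str, body: &str) -> Vec<Suspicion> {
    let piped = ["| sh", "|sh", "| bash", "|bash"].iter().any(|p| body.contains(*p));
    let rules: [(SuspicionKind, bool); 5] = [
        (SuspicionKind::ShellPipe, (body.contains("curl ") || body.contains("wget ")) && piped),
        (SuspicionKind::Base64Eval, body.contains("eval(atob(") || (body.contains("eval(") && body.contains("base64"))),
        (SuspicionKind::CredentialFileRead, ["~/.ssh", "/.ssh/", ".npmrc"].iter().any(|p| body.contains(*p))),
        (SuspicionKind::SecretEnvRead, reads_secret_env(body)),
        (SuspicionKind::ExfilEndpoint, EXFIL_HOSTS.iter().any(|h| body.contains(*h)) || hits_bare_ip(body)),
    ];
    rules.iter().filter(|(_, hit)| *hit).map(|(kind, _)| Suspicion { hook: hook.to_string(), kind: *kind }).collect()
}

/// Scan a manifest's `scripts` map as (name, body) pairs; only lifecycle hooks are examined,
/// so a `test` or `build` script never flags. Empty result when nothing matches.
pub fn sniff_lifecycle(scripts: &[(&str, &str)]) -> Vec<Suspicion> {
    scripts.iter().filter(|(hook, _)| LIFECYCLE_HOOKS.contains(hook)).flat_map(|(hook, body)| sniff_script(hook, body)).collect()
}
```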