| Block |
 |
Network access: npm @metamask/create-release-branch in module globalThis["fetch"]
Module: globalThis["fetch"]
Location: Package overview
From: package.json → npm/@metamask/create-release-branch@4.1.4
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/@metamask/create-release-branch@4.1.4. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Network access: npm body-parser in module http-errors
Module: http-errors
Location: Package overview
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/body-parser@1.20.4
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/body-parser@1.20.4. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Network access: npm debug in module net
Module: net
Location: Package overview
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/debug@2.6.9
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/debug@2.6.9. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Network access: npm express in module http
Module: http
Location: Package overview
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/express@4.22.1
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/express@4.22.1. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Network access: npm express in module https
Module: https
Location: Package overview
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/express@4.22.1
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/express@4.22.1. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Network access: npm express in module net
Module: net
Location: Package overview
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/express@4.22.1
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/express@4.22.1. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Network access: npm express in module http-errors
Module: http-errors
Location: Package overview
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/express@4.22.1
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/express@4.22.1. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Network access: npm methods in module http
Module: http
Location: Package overview
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/methods@1.1.2
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/methods@1.1.2. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Network access: npm raw-body in module http-errors
Module: http-errors
Location: Package overview
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/raw-body@2.5.3
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/raw-body@2.5.3. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Network access: npm send in module http-errors
Module: http-errors
Location: Package overview
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/send@0.19.2
ℹ Read more on: This package | This alert | What is network access?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/send@0.19.2. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Publisher changed: npm async-function is now published by ljharb instead of eduardorfs
New Author: ljharb
Previous Author: eduardorfs
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/async-function@1.0.0
ℹ Read more on: This package | This alert | What is new author?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/async-function@1.0.0. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Publisher changed: npm encodeurl is now published by blakeembrey instead of dougwilson
New Author: blakeembrey
Previous Author: dougwilson
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/encodeurl@2.0.0
ℹ Read more on: This package | This alert | What is new author?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/encodeurl@2.0.0. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Publisher changed: npm finalhandler is now published by ulisesgascon instead of wesleytodd
New Author: ulisesgascon
Previous Author: wesleytodd
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/finalhandler@1.3.2
ℹ Read more on: This package | This alert | What is new author?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/finalhandler@1.3.2. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Publisher changed: npm http-errors is now published by ulisesgascon instead of dougwilson
New Author: ulisesgascon
Previous Author: dougwilson
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/http-errors@2.0.1
ℹ Read more on: This package | This alert | What is new author?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/http-errors@2.0.1. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Block |
 |
Publisher changed: npm statuses is now published by ulisesgascon instead of dougwilson
New Author: ulisesgascon
Previous Author: dougwilson
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/statuses@2.0.2
ℹ Read more on: This package | This alert | What is new author?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/statuses@2.0.2. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Warn |
 |
Potential code anomaly (AI signal): npm content-disposition is 100.0% likely to have a medium risk anomaly
Notes: The code appears to be a standard, non-malicious Content-Disposition header parser with strict input validation and proper encoding/decoding utilities. No evident data exfiltration or remote execution within this fragment. The primary precaution is to ensure the external decodefield function is safe and that PARAM_REGEXP robustly handles edge-case inputs to prevent DoS or parsing failures.
Confidence: 1.00
Severity: 0.60
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/content-disposition@0.5.4
ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/content-disposition@0.5.4. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Warn |
 |
Potential code anomaly (AI signal): npm ipaddr.js is 100.0% likely to have a medium risk anomaly
Notes: The code is a standard, well-structured IP address parsing/manipulation library (ipaddr.js) with comprehensive IPv4/IPv6 support and CIDR utilities. No malicious indicators detected within this fragment. The primary caveat is the octal interpretation of numbers with leading zeros, which could affect validation in security-sensitive contexts if inputs are untrusted. Overall risk remains modest due to reliance on user-provided data but no active malicious actions identified.
Confidence: 1.00
Severity: 0.60
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/ipaddr.js@1.9.1
ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/ipaddr.js@1.9.1. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Warn |
 |
Potential code anomaly (AI signal): npm open is 100.0% likely to have a medium risk anomaly
Notes: The code is a legitimate cross-platform URL/application launcher with broad compatibility. There is no clear malicious behavior, but the use of external process invocations and encoded PowerShell commands warrants careful input validation and least-privilege deployment in sensitive environments. Emphasize input sanitization (target URLs, app names/arguments) and ensure secure handling of platform-specific commands to minimize potential abuse. Overall security risk remains moderate due to command execution surfaces, but no malicious activity identified in this fragment.
Confidence: 1.00
Severity: 0.60
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/open@10.2.0
ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/open@10.2.0. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Warn |
 |
Potential code anomaly (AI signal): npm proxy-addr is 100.0% likely to have a medium risk anomaly
Notes: The code is a standard, well-scoped IP trust utility (proxy-addr) with no evidence of malicious behavior. It reads IPs from request headers, validates and normalizes them, and applies a trust policy to determine the client address. No backdoors, exfiltration, or dangerous operations are present. The security posture appears acceptable for its intended purpose when used as a dependency in an Open Source project.
Confidence: 1.00
Severity: 0.60
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/proxy-addr@2.0.7
ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/proxy-addr@2.0.7. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|
| Warn |
 |
Potential code anomaly (AI signal): npm side-channel-weakmap is 100.0% likely to have a medium risk anomaly
Notes: The analyzed code implements a dual-path side-channel storage mechanism that safely uses WeakMap when available, with a fallback to a separate side-channel map. It does not exhibit malicious behavior and appears to serve legitimate functionality around secure data transfer between modules without external data exfiltration or network activity.
Confidence: 1.00
Severity: 0.60
From: ? → npm/@metamask/create-release-branch@4.1.4 → npm/side-channel-weakmap@1.0.2
ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?
Next steps: Take a moment to review the security alert
above. Review the linked package source code to understand the potential
risk. Ensure the package is not malicious before proceeding. If you're
unsure how to proceed, reach out to your security team or ask the Socket
team for help at support@socket.dev.
Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.
Mark the package as acceptable risk. To ignore this alert only
in this pull request, reply with the comment
@SocketSecurity ignore npm/side-channel-weakmap@1.0.2. You can
also ignore all packages with @SocketSecurity ignore-all.
To ignore an alert for all future pull requests, use Socket's Dashboard to
change the triage state of this alert.
|