Research
/Security News
Shai Hulud Strikes Again (v2)
Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.
By Socket Research Team -  Nov 24, 2025
🚨 Shai-Hulud Strikes Again:More than 700 Packages Compromised.Technical Analysis →
@bitovi/ai-component-paste
Advanced tools
AI Component Paste
AI Component Paste
Overview
AI Component Paste is a web component and function to run on a server endpoint that enables intelligent form filling using AI. It analyzes clipboard content and automatically populates form fields with relevant information, making data entry faster and more accurate.
Installation
npm install @bitovi/ai-component-paste
Usage
- Import the component in your HTML:
<script type="module">
import "@bitovi/ai-component-paste/component";
</script>
- Add the component to your form:
<form>
<input type="text" name="name" />
<input type="email" name="email" />
<input type="tel" name="phone" />
<ai-paste api="YOUR_API_ENDPOINT"></ai-paste>
</form>
- Configure OpenAI API Key (Server-side)
Before setting up the API endpoint, you need to configure your OpenAI API key on the server:
# Set the OpenAI API key as an environment variable
export OPENAI_API_KEY=your-api-key-here
⚠️ Security Warning: Never commit your OpenAI API key to version control. Use environment variables or a secure secrets management system. The API key should be kept private and secure.
- Set up the API endpoint to handle the extraction:
import { extractFormData } from "@bitovi/ai-component-paste/extractor";
// Example API endpoint handler
app.post("/api/extract", async (req, res) => {
const { text, fields } = req.body;
const extracted = await extractFormData(text, fields);
res.json(extracted);
});
API Configuration
The ai-paste component requires an API endpoint to be configured:
<ai-paste api="https://your-api.com/extract"></ai-paste>
Events
The component dispatches two events:
ai-paste-extracted- Fired when data is successfully extracted:
document.querySelector("ai-paste").addEventListener("ai-paste-extracted", (event) => {
const extractedData = event.detail;
console.log("Extracted data:", extractedData);
});
ai-paste-error- Fired when an error occurs:
document.querySelector("ai-paste").addEventListener("ai-paste-error", (event) => {
const error = event.detail;
console.error("Error:", error);
});
Development
# Install dependencies
npm install
# Start development server
npm run dev
# Build for production
npm run build
FAQs
AI Component Paste
The npm package @bitovi/ai-component-paste receives a total of 12 weekly downloads. As such, @bitovi/ai-component-paste popularity was classified as not popular.
We found that @bitovi/ai-component-paste demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 15 Apr 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem -  Nov 21, 2025
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding -  Nov 21, 2025