Secure your dependencies. Ship with confidence.

This code implements a hard-coded reverse shell targeting 167.99.78.95:9001 and will provide remote interactive shell access whenever the function is invoked. It is a backdoor and should be treated as malicious: do not execute, remove the package, rotate any credentials or secrets that may have been exposed on systems where it ran, and investigate the scope of compromise. The code is explicit and non-obfuscated, making its malicious intent clear.

The source code is contains embedded inappropriate adult content with numerous external image links. It is not valid or functional software code. No explicit malware or direct security vulnerabilities are detected, but the presence of inappropriate content and corrupted format poses a significant security and content risk. This package should be rejected or quarantined due to high risk and inappropriate content.

This code contains clear malicious behavior: automated account takeover and sensitive data exfiltration from an Android browser profile, plus an embedded mechanism to fetch and execute arbitrary remote code. It copies protected app data using root (su), zips and uploads it to a remote server, manipulates Google account pages (including password changes and recovery emails), and can execute remote Python retrieved from Firebase. Do not use this package; treat it as malicious and remove it from any environment. Investigation of clselove endpoints and any systems where this ran is urgently recommended.

While the script contains potentially risky behavior, such as handling environmental variables and automatic updating, these do not seem to be intended maliciously but rather for maintaining cookies or updating the package. However, the management of the .env file can potentially overwrite existing data, causing loss of data. Also, the automatic updating of the package from a github repository could potentially introduce malicious code if the repository is compromised.

Live on npm for 17 days and 58 minutes before removal. Socket users were protected even while the package was live.

[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]

[Skill Scanner] Download or install from free hosting/deployment platform detected (AITech 9.1.4) [SC007]

This module contains code that will perform an on-chain transfer (execute) to a hardcoded contract/address as part of the wallet enable / requestAccounts flow. That is a high-risk, unexpected side-effect: a connector that automatically issues a transfer on enable can cause fund loss. Additional concerns: embedded/hardcoded RPC endpoint (Alchemy) and use of wildcard origins for postMessage increase attack surface. Treat this code as suspicious/malicious for supply-chain use until the behavior is explicitly justified: remove the automatic execute call or require explicit user interaction/confirmation before submitting transactions. Do not use this package in production until the transfer behavior is audited/removed.

The script runs 'index.js' and silences all output, which could be a method to hide malicious actions or errors. The safety of this script depends on the contents of 'index.js'.

The code is highly likely to be malicious, involving downloading and executing remote code and potentially exfiltrating data.

Live on npm for 1 day, 17 hours and 55 minutes before removal. Socket users were protected even while the package was live.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

[Skill Scanner] Download or install from free hosting/deployment platform detected (AITech 9.1.4) [SC007]

This script contains explicit functionality to read arbitrary files from the local filesystem and upload them to a hardcoded remote server — an exfiltration pattern. Even if intended as a legitimate 'file sync' client, the lack of authentication, absence of file filters or opt-in protection, and hardcoded IP make it high-risk for misuse or malicious intent. The stray trailing 'pas' will cause a syntax error as provided, but the core upload behavior is clear. Treat this package as dangerous for reuse in projects where local secrets exist; do not install or run it without code modification and strict review.

The code contains significant security risks, primarily due to the use of eval and exec, which can lead to arbitrary code execution. The handling of cookies also poses a risk if not properly validated. Overall, the code should be reviewed and modified to mitigate these vulnerabilities.

Live on PyPI for 207 days, 17 hours and 16 minutes before removal. Socket users were protected even while the package was live.

This module intentionally harvests caller bytecode and filename, persists it locally, and exfiltrates it to a hardcoded remote FTP server over plaintext using embedded credentials. This constitutes unauthorized data exfiltration and a high security risk. Do not use this package; treat the exposed credentials and host as compromised and remove the code from any environment where it might be executed.

This module zips a local directory and uploads it to a specific S3 bucket. The code contains hardcoded AWS credentials and a hardcoded bucket name, which is a severe security issue and could enable data exfiltration if these credentials are valid. There are additional problems: a likely return-value bug (undefined variable s3_ke), possible insufficient path-safety around symlinks, and verbose logging of paths. There is no evidence of obfuscation or active payloads like reverse shells or eval-based code execution. Treat this package as high-risk until credentials are removed/rotated and the code is corrected and reviewed.

Live on PyPI for 5 days, 12 hours and 53 minutes before removal. Socket users were protected even while the package was live.

This module contains critical security issues: a direct eval() on command-line inputs enabling arbitrary code execution (RCE) and a 'test' action that creates a hardcoded superuser with a known weak password and grants it all groups (backdoor-like behavior). Treat this as high-risk: remove eval-based dispatch, restrict/whitelist allowed actions, eliminate hardcoded privileged account creation from shipped code, and require explicit developer-only gating for any test helpers. If this code exists in a production/deployed environment, consider revoking credentials created by it and auditing for misuse.

This module implements an explicit UDP flood (denial-of-service) tool. It reads target and payload parameters and repeatedly sends UDP packets in many concurrent threads, optionally indefinitely. There are no safeguards, validation, or limits. This is malicious in typical contexts (unauthorized DDoS) and poses a high supply-chain and operational risk. Do not include or use this code in software unless you have a legitimate, authorized test environment and explicit consent from targets.

This module is an explicit DNS-spoofing tool that intercepts UDP/53 traffic via NetfilterQueue and forges DNS replies using Scapy. It modifies iptables to divert DNS queries, crafts replies with attacker-provided rdata, and reinjects them — enabling MITM redirection and potential data/credential theft. The code contains no safeguards, lacks initialization of some attributes, and the provided snippet appears truncated (syntax error). Treat as high-risk/likely malicious; only use in authorized, isolated test environments.

This module extracts a Colab notebook's source, copies any filesystem paths referenced as strings into a local folder, generates a requirements file, and attempts to send those files to a hard-coded external server. The behavior constitutes likely unauthorized data exfiltration of user code and potentially sensitive local files. Avoid running this package or using it in environments containing secrets or private data. If you already executed it, assume the notebook and any referenced files were transmitted to the remote host and rotate any exposed secrets.

The code contains a clear backdoor-like pattern: a hardcoded private key used to sign and broadcast Nano transactions, coupled with static wallet metadata. If this function is reachable at runtime, it enables unauthorized transactions and poses a significant security risk in any supply-chain context. The presence of NotImplemented stubs does not mitigate the primary risk; remediation requires removing hardcoded secrets, deriving keys securely, validating inputs, and implementing secure signing flows with proper user authorization.

The code does not appear to be intentionally malicious, but the use of the 'eval' function poses a potential security risk.

This script is malicious. It harvests the user's sudo password, fetches an encrypted payload from remote locations determined dynamically (Telegram + a decoded gist URL), decrypts it with a mixed local/remote key, writes the decrypted code to a temp file and executes it. The captured sudo password is passed in the child environment, enabling the remote payload to use it. This is a multi-stage remote code execution backdoor/supply-chain attack. Do not run this script; if executed on a system, treat the host as compromised, rotate credentials and investigate further.

This module is an automation tool that, given Discord user tokens, enumerates servers, creates permanent invite links when necessary, and sends those invite links plus guild names to an external Telegram endpoint. The functionality enables exfiltration and unauthorized propagation into servers and could be used to escalate or distribute malicious campaigns. The code contains clear misuse patterns (credential abuse, creation of durable invites, external exfiltration) and is highly suspicious. Treat as malicious tooling — do not run with real tokens; remove and investigate any exposure of tokens.

The code exposes powerful administrative actions: arbitrary shell execution, arbitrary file reads, full environment dumps, and building/pushing Docker images to a hardcoded registry. These are not obfuscated but are high-risk capabilities that can be abused for data exfiltration, remote code execution, and supply-chain leakage if the superuser authentication is compromised or misconfigured. The presence of a hardcoded remote image name for docker push is suspicious for unintended outbound artifact exfiltration. Recommendation: avoid including these endpoints in public packages or ensure strict, auditable authentication and input validation; remove hardcoded push targets and avoid returning full environment variables or arbitrary file contents.

This code implements a hard-coded reverse shell targeting 167.99.78.95:9001 and will provide remote interactive shell access whenever the function is invoked. It is a backdoor and should be treated as malicious: do not execute, remove the package, rotate any credentials or secrets that may have been exposed on systems where it ran, and investigate the scope of compromise. The code is explicit and non-obfuscated, making its malicious intent clear.

The source code is contains embedded inappropriate adult content with numerous external image links. It is not valid or functional software code. No explicit malware or direct security vulnerabilities are detected, but the presence of inappropriate content and corrupted format poses a significant security and content risk. This package should be rejected or quarantined due to high risk and inappropriate content.

This code contains clear malicious behavior: automated account takeover and sensitive data exfiltration from an Android browser profile, plus an embedded mechanism to fetch and execute arbitrary remote code. It copies protected app data using root (su), zips and uploads it to a remote server, manipulates Google account pages (including password changes and recovery emails), and can execute remote Python retrieved from Firebase. Do not use this package; treat it as malicious and remove it from any environment. Investigation of clselove endpoints and any systems where this ran is urgently recommended.

While the script contains potentially risky behavior, such as handling environmental variables and automatic updating, these do not seem to be intended maliciously but rather for maintaining cookies or updating the package. However, the management of the .env file can potentially overwrite existing data, causing loss of data. Also, the automatic updating of the package from a github repository could potentially introduce malicious code if the repository is compromised.

Live on npm for 17 days and 58 minutes before removal. Socket users were protected even while the package was live.

[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]

[Skill Scanner] Download or install from free hosting/deployment platform detected (AITech 9.1.4) [SC007]

This module contains code that will perform an on-chain transfer (execute) to a hardcoded contract/address as part of the wallet enable / requestAccounts flow. That is a high-risk, unexpected side-effect: a connector that automatically issues a transfer on enable can cause fund loss. Additional concerns: embedded/hardcoded RPC endpoint (Alchemy) and use of wildcard origins for postMessage increase attack surface. Treat this code as suspicious/malicious for supply-chain use until the behavior is explicitly justified: remove the automatic execute call or require explicit user interaction/confirmation before submitting transactions. Do not use this package in production until the transfer behavior is audited/removed.

The script runs 'index.js' and silences all output, which could be a method to hide malicious actions or errors. The safety of this script depends on the contents of 'index.js'.

The code is highly likely to be malicious, involving downloading and executing remote code and potentially exfiltrating data.

Live on npm for 1 day, 17 hours and 55 minutes before removal. Socket users were protected even while the package was live.

The code sends sensitive credentials from environment variables over an unencrypted HTTP connection to an external API service at api[.]sqhyw[.]net:90. It authenticates using username/password from the YEZI_USER environment variable, retrieves access tokens, and automates the process of obtaining mobile phone numbers and SMS verification codes. This behavior poses significant supply chain security risks through: (1) leakage of environment variable credentials over unencrypted HTTP, (2) interaction with a suspicious external domain on a non-standard port, (3) logging of potentially sensitive API responses including tokens and SMS codes, and (4) facilitation of SMS verification bypass which could enable fraudulent account creation or spam activities. The code continuously polls the external API for up to 120 seconds to retrieve SMS codes, creating additional operational risks. While not containing traditional malware payloads, the credential exfiltration and suspicious external communication patterns justify classification as malware due to the significant security risks posed to systems that deploy this code.

[Skill Scanner] Download or install from free hosting/deployment platform detected (AITech 9.1.4) [SC007]

This script contains explicit functionality to read arbitrary files from the local filesystem and upload them to a hardcoded remote server — an exfiltration pattern. Even if intended as a legitimate 'file sync' client, the lack of authentication, absence of file filters or opt-in protection, and hardcoded IP make it high-risk for misuse or malicious intent. The stray trailing 'pas' will cause a syntax error as provided, but the core upload behavior is clear. Treat this package as dangerous for reuse in projects where local secrets exist; do not install or run it without code modification and strict review.

The code contains significant security risks, primarily due to the use of eval and exec, which can lead to arbitrary code execution. The handling of cookies also poses a risk if not properly validated. Overall, the code should be reviewed and modified to mitigate these vulnerabilities.

Live on PyPI for 207 days, 17 hours and 16 minutes before removal. Socket users were protected even while the package was live.

This module intentionally harvests caller bytecode and filename, persists it locally, and exfiltrates it to a hardcoded remote FTP server over plaintext using embedded credentials. This constitutes unauthorized data exfiltration and a high security risk. Do not use this package; treat the exposed credentials and host as compromised and remove the code from any environment where it might be executed.

This module zips a local directory and uploads it to a specific S3 bucket. The code contains hardcoded AWS credentials and a hardcoded bucket name, which is a severe security issue and could enable data exfiltration if these credentials are valid. There are additional problems: a likely return-value bug (undefined variable s3_ke), possible insufficient path-safety around symlinks, and verbose logging of paths. There is no evidence of obfuscation or active payloads like reverse shells or eval-based code execution. Treat this package as high-risk until credentials are removed/rotated and the code is corrected and reviewed.

Live on PyPI for 5 days, 12 hours and 53 minutes before removal. Socket users were protected even while the package was live.

This module contains critical security issues: a direct eval() on command-line inputs enabling arbitrary code execution (RCE) and a 'test' action that creates a hardcoded superuser with a known weak password and grants it all groups (backdoor-like behavior). Treat this as high-risk: remove eval-based dispatch, restrict/whitelist allowed actions, eliminate hardcoded privileged account creation from shipped code, and require explicit developer-only gating for any test helpers. If this code exists in a production/deployed environment, consider revoking credentials created by it and auditing for misuse.

This module implements an explicit UDP flood (denial-of-service) tool. It reads target and payload parameters and repeatedly sends UDP packets in many concurrent threads, optionally indefinitely. There are no safeguards, validation, or limits. This is malicious in typical contexts (unauthorized DDoS) and poses a high supply-chain and operational risk. Do not include or use this code in software unless you have a legitimate, authorized test environment and explicit consent from targets.

This module is an explicit DNS-spoofing tool that intercepts UDP/53 traffic via NetfilterQueue and forges DNS replies using Scapy. It modifies iptables to divert DNS queries, crafts replies with attacker-provided rdata, and reinjects them — enabling MITM redirection and potential data/credential theft. The code contains no safeguards, lacks initialization of some attributes, and the provided snippet appears truncated (syntax error). Treat as high-risk/likely malicious; only use in authorized, isolated test environments.

This module extracts a Colab notebook's source, copies any filesystem paths referenced as strings into a local folder, generates a requirements file, and attempts to send those files to a hard-coded external server. The behavior constitutes likely unauthorized data exfiltration of user code and potentially sensitive local files. Avoid running this package or using it in environments containing secrets or private data. If you already executed it, assume the notebook and any referenced files were transmitted to the remote host and rotate any exposed secrets.

The code contains a clear backdoor-like pattern: a hardcoded private key used to sign and broadcast Nano transactions, coupled with static wallet metadata. If this function is reachable at runtime, it enables unauthorized transactions and poses a significant security risk in any supply-chain context. The presence of NotImplemented stubs does not mitigate the primary risk; remediation requires removing hardcoded secrets, deriving keys securely, validating inputs, and implementing secure signing flows with proper user authorization.

The code does not appear to be intentionally malicious, but the use of the 'eval' function poses a potential security risk.

This script is malicious. It harvests the user's sudo password, fetches an encrypted payload from remote locations determined dynamically (Telegram + a decoded gist URL), decrypts it with a mixed local/remote key, writes the decrypted code to a temp file and executes it. The captured sudo password is passed in the child environment, enabling the remote payload to use it. This is a multi-stage remote code execution backdoor/supply-chain attack. Do not run this script; if executed on a system, treat the host as compromised, rotate credentials and investigate further.

This module is an automation tool that, given Discord user tokens, enumerates servers, creates permanent invite links when necessary, and sends those invite links plus guild names to an external Telegram endpoint. The functionality enables exfiltration and unauthorized propagation into servers and could be used to escalate or distribute malicious campaigns. The code contains clear misuse patterns (credential abuse, creation of durable invites, external exfiltration) and is highly suspicious. Treat as malicious tooling — do not run with real tokens; remove and investigate any exposure of tokens.

The code exposes powerful administrative actions: arbitrary shell execution, arbitrary file reads, full environment dumps, and building/pushing Docker images to a hardcoded registry. These are not obfuscated but are high-risk capabilities that can be abused for data exfiltration, remote code execution, and supply-chain leakage if the superuser authentication is compromised or misconfigured. The presence of a hardcoded remote image name for docker push is suspicious for unintended outbound artifact exfiltration. Recommendation: avoid including these endpoints in public packages or ensure strict, auditable authentication and input validation; remove hardcoded push targets and avoid returning full environment variables or arbitrary file contents.