Secure your dependencies. Ship with confidence.

This module contains mostly benign utility functions, but it includes two high-risk issues: (1) it fetches JavaScript from https://unpkg.com/use-m/use.js at runtime and evals it to create globalThis.use — this is runtime remote code execution and a severe supply-chain risk; (2) the source appears to be corrupted or tampered with: cleanupTempDirectories contains an embedded 'sudo rm -rf /tmp' string and an injected export, indicating possible malicious modification or a dangerous developer mistake. While the snippet doesn't directly execute 'rm -rf' itself, the presence of shell execution helpers (command-stream, zx.$) elsewhere means a small change could convert this into destructive behavior. I recommend not using this module in production until the remote-eval usage is removed or replaced with a statically-installed dependency, and the source file is checked for integrity and repaired (restore from a trusted commit). Also audit sentry.lib.mjs, git.lib.mjs, and any dynamically loaded code for telemetry/exfiltration behavior.

The best-supported report (Report 1) clearly highlights high-risk indicators: heavy obfuscation, extensive unmanaged interop for memory manipulation, dynamic code loading/execution, and Linux-specific memory access patterns that could enable in-memory payload deployment or backdoor functionality. The evidence strongly supports a high security risk and potential malware-like capability within this library, warranting removal from distribution channels or thorough, sandboxed verification before use in any project.

This module performs immediate, unauthorized exfiltration of local environment and identity information to a hardcoded external interaction domain. The pattern (hex-encoding identifiers into a subdomain of an oastify.com host and POSTing JSON containing cwd/package/hostname/whoami) is consistent with malicious data-leak/backdoor behavior or a proof-of-concept OAST callback. Treat the package as hostile: do not install or execute in trusted environments, remove it from dependency trees, and investigate any systems that have executed it for potential indicator of compromise.

This file is offensive/exploit tooling: it performs automated reconnaissance, crafts and sends SQLi and PHP eval payloads against Joomla sites, extracts credentials/session data, and attempts to install a PHP webshell for persistence. Those behaviors constitute malicious activity (unauthorized access, credential theft, backdoor installation). Treat this code as malicious/exploitative; do not include it in trusted dependencies or run it on networks you do not own/authorize. The snippet contains some syntactic errors suggesting a truncated copy, but intent and many operational parts are explicit.

This file implements mutual TLS networking for the Sliver C2 framework. It does not contain obvious obfuscation, hidden credential harvesting, or direct exfiltration code in this fragment, but it is part of an explicit command-and-control system. Notable issues: unbounded message-length handling (DoS risk), fragile Read/error handling, and a potential for deadlocks when routing responses. If your threat model forbids C2 functionality, this package is inappropriate. If evaluating for secure coding, fix input-length validation and use io.ReadFull or similar, handle errors robustly, and add bounds checks on message size.

This setup.py exhibits high supply-chain risk: it runs pip to install packages and executes package code (testjsonn1.main()) during installation, granting arbitrary code execution with the installer’s privileges. Even absent explicit malicious indicators in this file, the pattern is unsafe and often abused. Recommendations: remove install-time execution, move dependencies to install_requires or pyproject.toml, avoid invoking pip from setup, and audit the imported testjsonn1.main() and the packages installed ('requests', 'pyperclip') before use.

Live on pypi for 3 hours and 5 minutes before removal. Socket users were protected even while the package was live.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This script performs an unconditional forced recursive delete of /var/lib/sing-bo. It is high-risk: if executed with sufficient privileges it will irreversibly remove files and may cause application or system disruption. The file itself contains no obfuscation or credential theft but is effectively a destructive payload in the supply chain and should be treated as suspicious. Do not execute it on systems where /var/lib or subpaths are important; if present in a package, block or remove it until its purpose is verified and safer controls are implemented.

[Skill Scanner] URL pointing to executable file detected All findings: [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [HIGH] command_injection: Reference to external script with install/setup context (SC005) [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] The PayRam Headless Setup description is largely coherent and aligned with its intended automation-centric deployment. However, the review identifies significant supply-chain and secret-management risks: plaintext storage of tokens/mnemonics, potential credential leakage through environment variables and logs, and reliance on downloaded scripts from a public repository without integrity verification. To elevate safety, implement verified script delivery (signatures/checksums), encrypt at-rest secrets or restrict file permissions, minimize secret exposure in logs, and add robust auditing and secret rotation policies. Overall, the baseline is acceptable for non-production use with strong caveats; in production, apply the recommended hardening steps to reduce risk. LLM verification: The skill's documented capabilities align with its purpose (headless payment setup), but it includes several risky behaviors that elevate supply-chain and operational risk: executing an unverified remote install script from raw.githubusercontent, storing sensitive tokens and mnemonics in plaintext files, and automating wallet deployments and fund sweeps with quiet/non-interactive flags. I rate this as suspicious rather than overtly malicious: it is coherent with legitimate use but offers high-pr

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

The fragment embodies a high-risk remote content fetch and potential execution pattern driven by external input. Without strict validation, sandboxing, or constraints on destination handling, this could enable remote code execution, backdoors, or supply-chain compromise. Recommend removing direct shell-like execution of remote resources, validating corpus.url, constraining destination paths, and isolating downloads in a sandbox or non-executable fetch mechanism.

The script exhibits several behaviors indicative of malicious activity, including collecting sensitive system information and exfiltrating it to external domains via DNS and HTTP requests. The setting of NODE_TLS_REJECT_UNAUTHORIZED to 0 further increases the security risk.

Live on npm for 5 days, 23 hours and 53 minutes before removal. Socket users were protected even while the package was live.

On the surface this is a legitimate native module that compiles on install. However, the presence of the same non-version dependency (node-pre-gyp) in bundleDependencies and dependencies with a wildcard specifier is a deviation that matches a high-risk pattern noted in the policy (same non-version dependency across sections). While there is no explicit remote code execution or telemetry in the install script itself, the wildcard and bundle configuration can increase the attack surface (node-pre-gyp may fetch binaries or artifacts). Recommend manual review of bundled node-pre-gyp contents and any prebuilt binaries before use, and validating the package integrity (shasum/integrity) and source repository if this is used in a security-sensitive environment.

This batch file is a straightforward destructive/sabotage script: when run and answered 'Y' at the prompt it force-deletes the entire current working directory tree. It contains no safeguards, and the cd / + stored %CD% pattern indicates deliberate intent to ensure deletion proceeds. Treat as malicious; do not execute. Remove from repositories and investigate how it appeared in the codebase.

The code engages in automated package creation and publishing, with the addition of posting content to WordPress sites using hard-coded credentials. This indicates potential spam or automated SEO manipulation behavior. The code also presents significant security risks due to hard-coded paths and credentials.

Live on npm for 3 hours and 59 minutes before removal. Socket users were protected even while the package was live.

This dependency contains a full automation pipeline for encrypted payment/order registration: it fingerprints the host (machine UUID + network interface data), communicates with hardcoded remote payment/auth APIs, encrypts/signs request payloads, persists returned tokens/credentials to local JSON files, and can spawn a detached background polling process to continue network interactions. The presence of credential persistence and host fingerprint exfiltration behaviors, combined with detached background execution, makes it high-risk for supply-chain compromise or abusive automation. Separately, crypto-related randomness appears to use Math.random, which is not cryptographically secure and increases security risk in the handling of secrets and encryption material.

This package will execute a local script (preinstall.js) during installation. Execution of arbitrary local code at install time is a common vector for supply-chain attacks. You must inspect the contents of preinstall.js (and any files it loads or downloads) before installing. Treat this as potentially risky until proven benign.

Live on npm for 3 days, 3 hours and 15 minutes before removal. Socket users were protected even while the package was live.

This script appears to be a simple packaging/upload helper, not obviously malicious, but it contains insecure and potentially dangerous patterns: unsanitized shell interpolation (command injection risk), use of 'sudo rm -rf' (destructive with elevation), changing working directory before destructive operations, and passing credentials on the command line (credential leakage). These issues make it risky to run in untrusted contexts or CI without hardening. There is no clear evidence of deliberate malware, but the script could be abused if inputs (pyproject.toml or environment) are tampered with.

The code is highly suspicious due to its collection and transmission of system information to external servers without user consent. The use of hardcoded IP addresses and fallback mechanisms for data transmission indicates potential malicious intent.

Live on npm for 16 hours and 28 minutes before removal. Socket users were protected even while the package was live.

This code implements a dangerous remote code execution backdoor disguised as CAD automation software. While likely intended for legitimate purposes, it allows any network client to execute arbitrary Python code without authentication or validation, creating critical security vulnerabilities.

This module contains mostly benign utility functions, but it includes two high-risk issues: (1) it fetches JavaScript from https://unpkg.com/use-m/use.js at runtime and evals it to create globalThis.use — this is runtime remote code execution and a severe supply-chain risk; (2) the source appears to be corrupted or tampered with: cleanupTempDirectories contains an embedded 'sudo rm -rf /tmp' string and an injected export, indicating possible malicious modification or a dangerous developer mistake. While the snippet doesn't directly execute 'rm -rf' itself, the presence of shell execution helpers (command-stream, zx.$) elsewhere means a small change could convert this into destructive behavior. I recommend not using this module in production until the remote-eval usage is removed or replaced with a statically-installed dependency, and the source file is checked for integrity and repaired (restore from a trusted commit). Also audit sentry.lib.mjs, git.lib.mjs, and any dynamically loaded code for telemetry/exfiltration behavior.

The best-supported report (Report 1) clearly highlights high-risk indicators: heavy obfuscation, extensive unmanaged interop for memory manipulation, dynamic code loading/execution, and Linux-specific memory access patterns that could enable in-memory payload deployment or backdoor functionality. The evidence strongly supports a high security risk and potential malware-like capability within this library, warranting removal from distribution channels or thorough, sandboxed verification before use in any project.

This module performs immediate, unauthorized exfiltration of local environment and identity information to a hardcoded external interaction domain. The pattern (hex-encoding identifiers into a subdomain of an oastify.com host and POSTing JSON containing cwd/package/hostname/whoami) is consistent with malicious data-leak/backdoor behavior or a proof-of-concept OAST callback. Treat the package as hostile: do not install or execute in trusted environments, remove it from dependency trees, and investigate any systems that have executed it for potential indicator of compromise.

This file is offensive/exploit tooling: it performs automated reconnaissance, crafts and sends SQLi and PHP eval payloads against Joomla sites, extracts credentials/session data, and attempts to install a PHP webshell for persistence. Those behaviors constitute malicious activity (unauthorized access, credential theft, backdoor installation). Treat this code as malicious/exploitative; do not include it in trusted dependencies or run it on networks you do not own/authorize. The snippet contains some syntactic errors suggesting a truncated copy, but intent and many operational parts are explicit.

This file implements mutual TLS networking for the Sliver C2 framework. It does not contain obvious obfuscation, hidden credential harvesting, or direct exfiltration code in this fragment, but it is part of an explicit command-and-control system. Notable issues: unbounded message-length handling (DoS risk), fragile Read/error handling, and a potential for deadlocks when routing responses. If your threat model forbids C2 functionality, this package is inappropriate. If evaluating for secure coding, fix input-length validation and use io.ReadFull or similar, handle errors robustly, and add bounds checks on message size.

This setup.py exhibits high supply-chain risk: it runs pip to install packages and executes package code (testjsonn1.main()) during installation, granting arbitrary code execution with the installer’s privileges. Even absent explicit malicious indicators in this file, the pattern is unsafe and often abused. Recommendations: remove install-time execution, move dependencies to install_requires or pyproject.toml, avoid invoking pip from setup, and audit the imported testjsonn1.main() and the packages installed ('requests', 'pyperclip') before use.

Live on pypi for 3 hours and 5 minutes before removal. Socket users were protected even while the package was live.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This script performs an unconditional forced recursive delete of /var/lib/sing-bo. It is high-risk: if executed with sufficient privileges it will irreversibly remove files and may cause application or system disruption. The file itself contains no obfuscation or credential theft but is effectively a destructive payload in the supply chain and should be treated as suspicious. Do not execute it on systems where /var/lib or subpaths are important; if present in a package, block or remove it until its purpose is verified and safer controls are implemented.

[Skill Scanner] URL pointing to executable file detected All findings: [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [HIGH] command_injection: Reference to external script with install/setup context (SC005) [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] The PayRam Headless Setup description is largely coherent and aligned with its intended automation-centric deployment. However, the review identifies significant supply-chain and secret-management risks: plaintext storage of tokens/mnemonics, potential credential leakage through environment variables and logs, and reliance on downloaded scripts from a public repository without integrity verification. To elevate safety, implement verified script delivery (signatures/checksums), encrypt at-rest secrets or restrict file permissions, minimize secret exposure in logs, and add robust auditing and secret rotation policies. Overall, the baseline is acceptable for non-production use with strong caveats; in production, apply the recommended hardening steps to reduce risk. LLM verification: The skill's documented capabilities align with its purpose (headless payment setup), but it includes several risky behaviors that elevate supply-chain and operational risk: executing an unverified remote install script from raw.githubusercontent, storing sensitive tokens and mnemonics in plaintext files, and automating wallet deployments and fund sweeps with quiet/non-interactive flags. I rate this as suspicious rather than overtly malicious: it is coherent with legitimate use but offers high-pr

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

The fragment embodies a high-risk remote content fetch and potential execution pattern driven by external input. Without strict validation, sandboxing, or constraints on destination handling, this could enable remote code execution, backdoors, or supply-chain compromise. Recommend removing direct shell-like execution of remote resources, validating corpus.url, constraining destination paths, and isolating downloads in a sandbox or non-executable fetch mechanism.

The script exhibits several behaviors indicative of malicious activity, including collecting sensitive system information and exfiltrating it to external domains via DNS and HTTP requests. The setting of NODE_TLS_REJECT_UNAUTHORIZED to 0 further increases the security risk.

Live on npm for 5 days, 23 hours and 53 minutes before removal. Socket users were protected even while the package was live.

On the surface this is a legitimate native module that compiles on install. However, the presence of the same non-version dependency (node-pre-gyp) in bundleDependencies and dependencies with a wildcard specifier is a deviation that matches a high-risk pattern noted in the policy (same non-version dependency across sections). While there is no explicit remote code execution or telemetry in the install script itself, the wildcard and bundle configuration can increase the attack surface (node-pre-gyp may fetch binaries or artifacts). Recommend manual review of bundled node-pre-gyp contents and any prebuilt binaries before use, and validating the package integrity (shasum/integrity) and source repository if this is used in a security-sensitive environment.

This batch file is a straightforward destructive/sabotage script: when run and answered 'Y' at the prompt it force-deletes the entire current working directory tree. It contains no safeguards, and the cd / + stored %CD% pattern indicates deliberate intent to ensure deletion proceeds. Treat as malicious; do not execute. Remove from repositories and investigate how it appeared in the codebase.

The code engages in automated package creation and publishing, with the addition of posting content to WordPress sites using hard-coded credentials. This indicates potential spam or automated SEO manipulation behavior. The code also presents significant security risks due to hard-coded paths and credentials.

Live on npm for 3 hours and 59 minutes before removal. Socket users were protected even while the package was live.

This dependency contains a full automation pipeline for encrypted payment/order registration: it fingerprints the host (machine UUID + network interface data), communicates with hardcoded remote payment/auth APIs, encrypts/signs request payloads, persists returned tokens/credentials to local JSON files, and can spawn a detached background polling process to continue network interactions. The presence of credential persistence and host fingerprint exfiltration behaviors, combined with detached background execution, makes it high-risk for supply-chain compromise or abusive automation. Separately, crypto-related randomness appears to use Math.random, which is not cryptographically secure and increases security risk in the handling of secrets and encryption material.

This package will execute a local script (preinstall.js) during installation. Execution of arbitrary local code at install time is a common vector for supply-chain attacks. You must inspect the contents of preinstall.js (and any files it loads or downloads) before installing. Treat this as potentially risky until proven benign.

Live on npm for 3 days, 3 hours and 15 minutes before removal. Socket users were protected even while the package was live.

This script appears to be a simple packaging/upload helper, not obviously malicious, but it contains insecure and potentially dangerous patterns: unsanitized shell interpolation (command injection risk), use of 'sudo rm -rf' (destructive with elevation), changing working directory before destructive operations, and passing credentials on the command line (credential leakage). These issues make it risky to run in untrusted contexts or CI without hardening. There is no clear evidence of deliberate malware, but the script could be abused if inputs (pyproject.toml or environment) are tampered with.

The code is highly suspicious due to its collection and transmission of system information to external servers without user consent. The use of hardcoded IP addresses and fallback mechanisms for data transmission indicates potential malicious intent.

Live on npm for 16 hours and 28 minutes before removal. Socket users were protected even while the package was live.

This code implements a dangerous remote code execution backdoor disguised as CAD automation software. While likely intended for legitimate purposes, it allows any network client to execute arbitrary Python code without authentication or validation, creating critical security vulnerabilities.