Secure your dependencies. Ship with confidence.

This code is a clear DNS-based data exfiltration routine. It collects local host and username and reads AWS_ACCESS_KEY_ID from the environment (capturing a cloud credential when available), base64url-encodes the data, chunks it, and issues sequential dns.lookup calls to a hardcoded attacker/OAST domain with the encoded chunks embedded in DNS query names. The behavior strongly indicates malicious intent rather than legitimate functionality.

This file functions as a silent detached process launcher for a local bundled script (client.cjs). While the wrapper itself contains no explicit exfiltration/credential theft logic, the combination of detached execution, suppressed IO, and unreferenced child process is a meaningful behavioral risk pattern. Determining whether it is malicious requires inspection of client.cjs and any code paths that trigger this module during install/require/runtime.

This package will execute index.js at install time. That behavior is potentially dangerous because the script could perform malicious actions (exfiltrate secrets, open reverse shells, modify files, install further malicious code). You must inspect the contents of index.js before installing or running npm install. If you cannot review it, treat this package as untrusted.

This package executes a local Node script during postinstall and also depends on itself. The combination is suspicious: the postinstall could run arbitrary malicious code (exfiltration, backdoor, system modification), and the self-dependency is an anomalous indicator of supply-chain manipulation. Inspect poc.js before installing; treat this package as high risk.

This code performs automated reconnaissance of the host’s network and application infrastructure (IPs/DNS/web server configs/Node processes & scripts/Docker containers/Caddy domains/TLS certificate DNS SANs//etc/hosts) and then exfiltrates the full inventory to a hardcoded external endpoint over HTTPS. The absence of user consent/configuration, immediate execution, and the fixed exfiltration target strongly indicate malicious supply-chain behavior rather than legitimate functionality.

This fragment shows high-risk capabilities: it launches Chromium with remote debugging and uses CDP to read cookies (document.cookie and Network.getCookies) and then reuses those cookies in HTTP headers for yt-dlp downloads. That is credential/session harvesting behavior, which is strongly security-relevant for an editor extension. The code also auto-downloads and spawns external binaries (yt-dlp/python/chromium) and runs a Python broker, increasing supply-chain and execution risks. Overall, the observed behavior is unlikely to be benign-only and warrants immediate investigation/containment.

This code is highly consistent with malicious credential/key reconnaissance and exfiltration. It automatically inspects a specific private SSH key path, derives fingerprint and derived public key using ssh-keygen, collects hostname/status/error, and exfiltrates the results to a hardcoded external HTTPS webhook. Strongly indicates malware behavior in a supply-chain context.

This module is a high-confidence C2 backdoor/stealer client. It connects to an obfuscated remote endpoint, exfiltrates detailed host/network fingerprinting plus extremely sensitive data (Windows WiFi passwords and multi-browser history), and can execute arbitrary attacker-supplied commands via shell=True, returning results to the server. The behavior is unsafe to deploy or include without strong, documented justification and isolation.

This module presents a high supply-chain security risk. It enables downloading/consuming third-party overlay repositories and, when instructed by overlay_manifest.json, dynamically imports and executes an overlay-provided Python “custom_materializer” script without sandboxing or authenticity verification. This is effectively arbitrary code execution from externally sourced artifacts, with additional elevated filesystem write/link capabilities driven by untrusted manifest file mappings (including potential path-escape conditions due to lack of destination path sanitization). Overlays from untrusted sources should be treated as equivalent to executing arbitrary code in the current process context.

High likelihood this package is a malicious/unauthorized remote agent: it connects to a broker over WebSocket, scans the user’s home for .env/credential-related files, uploads them as ZIP chunks (data exfiltration), and can start a reverse SSH tunnel using broker-provided credentials (remote access/pivot). It also exposes RPC-driven arbitrary filesystem read/write/remove operations. Even if intended for legitimate “agent” functionality, the behavior matches common malware/surveillance patterns and is not safe as a generic dependency.

This package's install hooks actively collect and transmit host and environment information to an external domain during install. This is a clear data-exfiltration / telemetry behavior and constitutes a high security risk — treat as malicious or at minimum untrusted telemetry. Do not install in trusted environments; inspect and remove these scripts or block network/DNS egress before running.

This module behaves like an implant-style C2 beacon: it fingerprints sensitive system and network identifiers (including username, MAC, Wi-Fi SSID, public/local IPs, gateway, DNS, hardware, locale, and more), exfiltrates the data over a TCP connection to an obfuscated embedded endpoint, and then maintains persistence via an infinite reconnect loop with periodic heartbeat pings. No authentication, consent, or legitimate configuration path is evident, making this a strong supply-chain security red flag.

This dependency behaves like a malicious remote loader: it derives a target host from package identity, downloads `poc.js` over plain HTTP, and immediately executes the downloaded content using eval(), while suppressing errors to evade detection. Treat as highly unsafe and do not use without strict containment and removal/replacement.

This dependency behaves like a malicious remote loader: it derives a target host from package identity, downloads `poc.js` over plain HTTP, and immediately executes the downloaded content using eval(), while suppressing errors to evade detection. Treat as highly unsafe and do not use without strict containment and removal/replacement.

This module is highly indicative of malicious behavior: it explicitly harvests AWS EC2 IAM role credentials from IMDSv2 (including the IMDSv2 token flow) and exfiltrates them to a hardcoded external beacon endpoint, along with all process environment variables. The additional GET to an unrelated domain appears incidental and does not mitigate the credential theft/exfiltration logic. Use/installation of this package is unsafe.

This module is extremely likely malicious. It performs covert DNS-based exfiltration of host and username by encoding local data into hex chunks, embedding those chunks into crafted DNS subdomain labels, and sending them to a hardcoded attacker-controlled OAST domain. The behavior runs immediately on import, throttles requests for stealth, and suppresses errors.

This module is extremely consistent with malicious data theft/exfiltration: it collects comprehensive host identity and runtime environment data, including all environment variables (a common source of secrets), and exfiltrates it to a fixed hardcoded external server over an outbound HTTP POST. The lack of legitimate functionality beyond collection/transmission, combined with stealthy handling (ignored errors/response), makes it a high-confidence malware/supply-chain security risk.

This package runs a local Python script at preinstall time. That behavior is high-risk because it allows arbitrary code execution during installation. You must inspect the contents of init.py (and any files it downloads or spawns) before installing. Treat this as potentially malicious until verified.

This package’s setup logic contains a high-risk install-time execution hook that spawns a subprocess with shell=True during installation. Even though the provided snippet does not include a complete -c command payload, the design matches common malicious supply-chain patterns (arbitrary code execution at install time). Treat the package as unsafe to install; analyze the full distributed artifact in a sandbox and block it from production environments.

This package runs index.js during preinstall. Given the explicit preinstall execution and the package description mentioning "rce", treat this as potentially malicious. Do not run npm install for this package on any machine with sensitive data, build credentials, or network access until you inspect index.js and confirm its behavior. If you must evaluate it, do so in an isolated, offline, ephemeral environment.

This module performs clear spyware-like behavior on Windows: it captures the user’s screen and collects network configuration via ipconfig, then exfiltrates both to a hardcoded external Discord webhook. The lack of consent and the direct third-party upload strongly indicate malicious intent. Treat the package/module as highly dangerous and do not deploy as-is.

These install hooks phone home with encoded host/user/path information and perform DNS-based signaling. This is a high-risk malicious behavior (data exfiltration/telemetry) that should be treated as malware. Do not run npm install for this package on sensitive hosts or CI; remove the package and investigate any systems where it was installed.

This package executes shell commands during preinstall/install that collect local environment data (user, host, cwd, package name), base64-encode it, and transmit it to an external callback domain via curl and by making DNS queries. This is telemetry/data exfiltration and a high security risk; treat this as malicious or at minimum extremely suspicious and do not install in trusted environments.

High risk: this package executes a postinstall script that likely detaches and runs code in the background and includes script names and optional dependencies consistent with an agent that could scan, archive, and transmit data. This is potentially malicious (telemetry, data exfiltration, remote execution, persistence). Inspect the contents of scripts/detach-run.cjs, scripts/agent-scan-lib.cjs, and scripts/project-archive-lib.cjs before installing; do not install into production or on sensitive systems. Prefer installing only from audited, trusted sources and run installs in an isolated environment if you must evaluate the package.

The package will execute preinstall.js during installation. That behavior is capable of performing any actions Node.js can perform (file operations, network requests, spawning subprocesses, installing hooks, exfiltration, etc.). Without inspecting the contents of preinstall.js, the install step cannot be deemed safe. You should review the preinstall.js source before installing or run the install in a sandboxed/ephemeral environment.

This code is a clear DNS-based data exfiltration routine. It collects local host and username and reads AWS_ACCESS_KEY_ID from the environment (capturing a cloud credential when available), base64url-encodes the data, chunks it, and issues sequential dns.lookup calls to a hardcoded attacker/OAST domain with the encoded chunks embedded in DNS query names. The behavior strongly indicates malicious intent rather than legitimate functionality.

This file functions as a silent detached process launcher for a local bundled script (client.cjs). While the wrapper itself contains no explicit exfiltration/credential theft logic, the combination of detached execution, suppressed IO, and unreferenced child process is a meaningful behavioral risk pattern. Determining whether it is malicious requires inspection of client.cjs and any code paths that trigger this module during install/require/runtime.

This package will execute index.js at install time. That behavior is potentially dangerous because the script could perform malicious actions (exfiltrate secrets, open reverse shells, modify files, install further malicious code). You must inspect the contents of index.js before installing or running npm install. If you cannot review it, treat this package as untrusted.

This package executes a local Node script during postinstall and also depends on itself. The combination is suspicious: the postinstall could run arbitrary malicious code (exfiltration, backdoor, system modification), and the self-dependency is an anomalous indicator of supply-chain manipulation. Inspect poc.js before installing; treat this package as high risk.

This code performs automated reconnaissance of the host’s network and application infrastructure (IPs/DNS/web server configs/Node processes & scripts/Docker containers/Caddy domains/TLS certificate DNS SANs//etc/hosts) and then exfiltrates the full inventory to a hardcoded external endpoint over HTTPS. The absence of user consent/configuration, immediate execution, and the fixed exfiltration target strongly indicate malicious supply-chain behavior rather than legitimate functionality.

This fragment shows high-risk capabilities: it launches Chromium with remote debugging and uses CDP to read cookies (document.cookie and Network.getCookies) and then reuses those cookies in HTTP headers for yt-dlp downloads. That is credential/session harvesting behavior, which is strongly security-relevant for an editor extension. The code also auto-downloads and spawns external binaries (yt-dlp/python/chromium) and runs a Python broker, increasing supply-chain and execution risks. Overall, the observed behavior is unlikely to be benign-only and warrants immediate investigation/containment.

This code is highly consistent with malicious credential/key reconnaissance and exfiltration. It automatically inspects a specific private SSH key path, derives fingerprint and derived public key using ssh-keygen, collects hostname/status/error, and exfiltrates the results to a hardcoded external HTTPS webhook. Strongly indicates malware behavior in a supply-chain context.

This module is a high-confidence C2 backdoor/stealer client. It connects to an obfuscated remote endpoint, exfiltrates detailed host/network fingerprinting plus extremely sensitive data (Windows WiFi passwords and multi-browser history), and can execute arbitrary attacker-supplied commands via shell=True, returning results to the server. The behavior is unsafe to deploy or include without strong, documented justification and isolation.

This module presents a high supply-chain security risk. It enables downloading/consuming third-party overlay repositories and, when instructed by overlay_manifest.json, dynamically imports and executes an overlay-provided Python “custom_materializer” script without sandboxing or authenticity verification. This is effectively arbitrary code execution from externally sourced artifacts, with additional elevated filesystem write/link capabilities driven by untrusted manifest file mappings (including potential path-escape conditions due to lack of destination path sanitization). Overlays from untrusted sources should be treated as equivalent to executing arbitrary code in the current process context.

High likelihood this package is a malicious/unauthorized remote agent: it connects to a broker over WebSocket, scans the user’s home for .env/credential-related files, uploads them as ZIP chunks (data exfiltration), and can start a reverse SSH tunnel using broker-provided credentials (remote access/pivot). It also exposes RPC-driven arbitrary filesystem read/write/remove operations. Even if intended for legitimate “agent” functionality, the behavior matches common malware/surveillance patterns and is not safe as a generic dependency.

This package's install hooks actively collect and transmit host and environment information to an external domain during install. This is a clear data-exfiltration / telemetry behavior and constitutes a high security risk — treat as malicious or at minimum untrusted telemetry. Do not install in trusted environments; inspect and remove these scripts or block network/DNS egress before running.

This module behaves like an implant-style C2 beacon: it fingerprints sensitive system and network identifiers (including username, MAC, Wi-Fi SSID, public/local IPs, gateway, DNS, hardware, locale, and more), exfiltrates the data over a TCP connection to an obfuscated embedded endpoint, and then maintains persistence via an infinite reconnect loop with periodic heartbeat pings. No authentication, consent, or legitimate configuration path is evident, making this a strong supply-chain security red flag.

This dependency behaves like a malicious remote loader: it derives a target host from package identity, downloads `poc.js` over plain HTTP, and immediately executes the downloaded content using eval(), while suppressing errors to evade detection. Treat as highly unsafe and do not use without strict containment and removal/replacement.

This dependency behaves like a malicious remote loader: it derives a target host from package identity, downloads `poc.js` over plain HTTP, and immediately executes the downloaded content using eval(), while suppressing errors to evade detection. Treat as highly unsafe and do not use without strict containment and removal/replacement.

This module is highly indicative of malicious behavior: it explicitly harvests AWS EC2 IAM role credentials from IMDSv2 (including the IMDSv2 token flow) and exfiltrates them to a hardcoded external beacon endpoint, along with all process environment variables. The additional GET to an unrelated domain appears incidental and does not mitigate the credential theft/exfiltration logic. Use/installation of this package is unsafe.

This module is extremely likely malicious. It performs covert DNS-based exfiltration of host and username by encoding local data into hex chunks, embedding those chunks into crafted DNS subdomain labels, and sending them to a hardcoded attacker-controlled OAST domain. The behavior runs immediately on import, throttles requests for stealth, and suppresses errors.

This module is extremely consistent with malicious data theft/exfiltration: it collects comprehensive host identity and runtime environment data, including all environment variables (a common source of secrets), and exfiltrates it to a fixed hardcoded external server over an outbound HTTP POST. The lack of legitimate functionality beyond collection/transmission, combined with stealthy handling (ignored errors/response), makes it a high-confidence malware/supply-chain security risk.

This package runs a local Python script at preinstall time. That behavior is high-risk because it allows arbitrary code execution during installation. You must inspect the contents of init.py (and any files it downloads or spawns) before installing. Treat this as potentially malicious until verified.

This package’s setup logic contains a high-risk install-time execution hook that spawns a subprocess with shell=True during installation. Even though the provided snippet does not include a complete -c command payload, the design matches common malicious supply-chain patterns (arbitrary code execution at install time). Treat the package as unsafe to install; analyze the full distributed artifact in a sandbox and block it from production environments.

This package runs index.js during preinstall. Given the explicit preinstall execution and the package description mentioning "rce", treat this as potentially malicious. Do not run npm install for this package on any machine with sensitive data, build credentials, or network access until you inspect index.js and confirm its behavior. If you must evaluate it, do so in an isolated, offline, ephemeral environment.

This module performs clear spyware-like behavior on Windows: it captures the user’s screen and collects network configuration via ipconfig, then exfiltrates both to a hardcoded external Discord webhook. The lack of consent and the direct third-party upload strongly indicate malicious intent. Treat the package/module as highly dangerous and do not deploy as-is.

These install hooks phone home with encoded host/user/path information and perform DNS-based signaling. This is a high-risk malicious behavior (data exfiltration/telemetry) that should be treated as malware. Do not run npm install for this package on sensitive hosts or CI; remove the package and investigate any systems where it was installed.

This package executes shell commands during preinstall/install that collect local environment data (user, host, cwd, package name), base64-encode it, and transmit it to an external callback domain via curl and by making DNS queries. This is telemetry/data exfiltration and a high security risk; treat this as malicious or at minimum extremely suspicious and do not install in trusted environments.

High risk: this package executes a postinstall script that likely detaches and runs code in the background and includes script names and optional dependencies consistent with an agent that could scan, archive, and transmit data. This is potentially malicious (telemetry, data exfiltration, remote execution, persistence). Inspect the contents of scripts/detach-run.cjs, scripts/agent-scan-lib.cjs, and scripts/project-archive-lib.cjs before installing; do not install into production or on sensitive systems. Prefer installing only from audited, trusted sources and run installs in an isolated environment if you must evaluate the package.

The package will execute preinstall.js during installation. That behavior is capable of performing any actions Node.js can perform (file operations, network requests, spawning subprocesses, installing hooks, exfiltration, etc.). Without inspecting the contents of preinstall.js, the install step cannot be deemed safe. You should review the preinstall.js source before installing or run the install in a sandboxed/ephemeral environment.