Secure your dependencies. Ship with confidence.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This file contains highly obfuscated code that implements a runtime loader/unpacker and in-memory code injection mechanism. It reads embedded and external resources, decrypts and verifies payloads, allocates/writes executable memory and installs or invokes delegates/function pointers to run that payload. Those behaviors are consistent with a malicious loader/backdoor or highly suspicious runtime patching component. Even if the top-level classes appear to be a PayPal/Umbraco component, the embedded FNQY... helper implements actions that can execute arbitrary native or managed payloads, modify process memory, and bypass normal application boundaries. I assess this as dangerous: do not trust or use this package without a full provenance and dynamic analysis and, if found in your dependency tree, consider removing it and treating it as a potential compromise.

The code exhibits several security risks, particularly in how it handles sensitive user data and communicates with external services. It should be refactored to improve security practices, such as encrypting sensitive data and avoiding untrusted external connections.

Live on npm for 2 minutes before removal. Socket users were protected even while the package was live.

This file hides a payload (large byte array) and executes it at runtime after XOR-decoding with a hard-coded key. That is a high-risk, suspicious pattern (obfuscated code + exec of decoded bytes). Even though the file itself uses only internal constants (no network reads), the runtime exec of hidden code can perform any action (exfiltrate, spawn shells, modify files, etc.). Treat this as malicious or at minimum extremely dangerous: do not import or execute the package in production. Further static or dynamic analysis of the decoded payload should be performed in an isolated sandbox to determine its exact behavior.

This module demonstrates multiple high-risk behaviors consistent with supply-chain abuse: it embeds and writes PyPI credentials, automates probing and uploading packages to PyPI, self-modifies its source file to persist metadata, executes many shell commands with unsanitized inputs (command injection risk), and includes a post-install hook that suspends the parent process and writes local runtime metadata. These actions can enable unauthorized publication of artifacts, credential misuse, disruption in build systems, and local data leakage. Treat this package as malicious/untrusted: do not run it in build or CI environments, remove any artifacts it published, rotate exposed credentials, and perform forensic review of systems where it executed.

This module contains explicit malicious and abusive capabilities (keylogger that stores keystrokes to disk, SMS bomber, DDoS-style thread spawner, port scanner, and file encryption utilities) and also executes environment-modifying commands (pip installs). It should be treated as high-risk and potentially malicious. Do not run this code on any system you care about; remove it from supply chains and investigate origin/distribution. If encountered in a dependency, block and audit repositories and build artifacts.

The code demonstrates high-risk behavior: heavy obfuscation, dynamic remote payload loading, ZIP-based delivery, and runtime code execution. While certain imports could be legitimate in a complex tool, the combined pattern indicates a strong potential for backdoor, dropper, or supply-chain abuse. Treat as dangerous and isolate in a secure, sandboxed environment with provenance verification and integrity checks before any consideration of inclusion in public-facing or distribution-level code.

This module intentionally supports executing user-defined Python 'powers' by assembling source from a repository and running it with exec(). That behavior is high-risk: it allows arbitrary code execution if stored powers or runtime parameters are attacker-controlled or if clients lacking proper authorization can trigger execution. There are no sandboxing or input authorization measures evident in this fragment. No clear signs of intentionally malicious code embedded here (no obfuscation, no hardcoded exfiltration endpoints), but the design enables trivial supply-chain or runtime code-execution attacks if repository contents or client inputs are compromised. Recommend adding authentication/authorization checks, validating/sandboxing stored power code, restricting accessible builtins/environment for exec, and auditing repository integrity before use.

The code exhibits clear signs of malicious behavior involving data theft and exfiltration. It encodes and sends sensitive system and user data to a suspicious domain via both DNS queries and HTTPS POST requests.

Live on npm for 59 minutes before removal. Socket users were protected even while the package was live.

This module implements a command-and-control agent: it establishes a Tor connection to a hardcoded .onion C2, downloads a payload, writes it to a temporary file, sets it executable, and runs it — all without validation — and provides a POST endpoint for C2 communication. These are canonical backdoor behaviors (remote code execution, persistence, and concealed C2). Treat the code as malicious: do not execute, block the domain, and investigate any systems where this package or its parent repository was installed or run.

This file gathers sensitive system details (hostname, home directory, OS version, CPU data) and transmits them to hxxps://api-track[.]example[.]com/monitor-service/upload-package-info and hxxp://npm[.]example[.]com/ without user consent. It also modifies files in node_modules, which can lead to unauthorized changes or security risks. These behaviors demonstrate malicious intent and pose a significant threat to privacy and system integrity.

The code primarily imports several unknown or suspicious modules and calls an undefined function 'functame' on each of them. Without further information on these modules or the 'functame' method, it is difficult to ascertain the full intent or impact of this code. The unusual naming and the lack of transparency increase the suspicion of potentially malicious activity. Further analysis of the external modules is necessary to make a more informed conclusion.

Live on npm for 56 days, 8 hours and 1 minute before removal. Socket users were protected even while the package was live.

This code performs operations that overwrite and copy files into node_modules/electron-remote-control and executes platform-specific scripts. That pattern is consistent with supply-chain tampering: replacing or injecting code into an installed dependency and executing scripts that have access to the process environment. This can enable persistence, backdoors, credential exposure, and arbitrary code execution. Treat this module as high risk and audit the full package and the referenced scripts and copied files before using. If encountered in an install or postinstall script, consider blocking it and restoring a clean dependency tree.

[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]

The code is collecting and sending sensitive system information to a potentially malicious domain without user consent. This behavior is indicative of malware and poses a significant security risk.

Live on npm for 73 days, 1 hour and 48 minutes before removal. Socket users were protected even while the package was live.

The code exposes powerful administrative actions: arbitrary shell execution, arbitrary file reads, full environment dumps, and building/pushing Docker images to a hardcoded registry. These are not obfuscated but are high-risk capabilities that can be abused for data exfiltration, remote code execution, and supply-chain leakage if the superuser authentication is compromised or misconfigured. The presence of a hardcoded remote image name for docker push is suspicious for unintended outbound artifact exfiltration. Recommendation: avoid including these endpoints in public packages or ensure strict, auditable authentication and input validation; remove hardcoded push targets and avoid returning full environment variables or arbitrary file contents.

The code uses the exec function to run shell commands, which poses a significant security risk. It could potentially execute malicious code if the input to exec is manipulated. Redirecting output to /dev/null to hide execution details is suspicious.

Live on npm for 45 minutes before removal. Socket users were protected even while the package was live.

[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]

This script is a straightforward Slowloris DoS tool: its functionality is to open many persistent HTTP(S) connections and keep them half-open by periodically sending header lines, exhausting server connection resources. The code contains no signs of data exfiltration, hidden backdoors, or obfuscation, but it explicitly enables malicious activity (denial-of-service) and includes a proxy option to mask origin. Do not run this tool against systems you do not own or have explicit authorization to test. Also note a minor bug in the User-Agent list (missing comma) and the global monkey-patch of socket.socket when using a proxy which can affect other code in the same process.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This file performs clear and immediate data exfiltration: it gathers local environment and package metadata (including potentially sensitive package.json contents) and POSTs it to a hard-coded external domain when the module is loaded. The behavior is covert (silent error handling, no opt-out) and constitutes a supply-chain/privacy compromise. Treat packages containing this code as malicious or compromised; remove or disable the code, rotate any secrets that may have been exposed in package.json or environment, and investigate the package's provenance and recent updates.

Live on npm for 37 minutes before removal. Socket users were protected even while the package was live.

The code contains hard-coded credentials and sensitive information, posing a potential security risk if not handled properly. It does not exhibit explicit malicious behavior, but it poses a security risk due to the hard-coded sensitive information.

Live on npm for 1 day, 3 hours and 26 minutes before removal. Socket users were protected even while the package was live.

This package will execute preinstall.js automatically during npm install. That file can perform any action (download and run remote code, modify files, add git hooks, exfiltrate data, open a reverse shell, etc.). The repository name containing "worm" and the low-quality metadata increase suspicion. Treat this as high risk until preinstall.js is reviewed in a safe environment.

The code presents a critical remote code execution surface by loading and executing Python code from disk based on request-derived paths, combined with a runtime templating mechanism. Without strict validation, sandboxing, or code signing, this is a high-severity security risk that could enable arbitrary server compromise, data leakage, or supply-chain abuse. Recommend replacing with a safe templating engine, validating and sandboxing all filesystem access, and removing dynamic exec/compile on untrusted inputs.

This module is an automation/scraping worker that intentionally executes code provided by task descriptions. That design requires trusting the task source. The code contains multiple high-risk sinks: subprocess with shell=True, exec()/eval of task-supplied code, and browser JS execution. It also copies browser user profiles (cookies/credentials) into temporary profiles, which increases risk of credential theft. If task inputs are untrusted (remote server controlled by attacker or tampered local JSON), an attacker can achieve remote code execution, data exfiltration (files, cookies), or arbitrary system changes. Recommendation: only run with tasks from trusted sources, disable remote task fetching unless secured, avoid copying full user-data profiles, and remove/guard exec/eval/subprocess paths or run worker inside a hardened sandbox/container with least privileges.

This file contains highly obfuscated code that implements a runtime loader/unpacker and in-memory code injection mechanism. It reads embedded and external resources, decrypts and verifies payloads, allocates/writes executable memory and installs or invokes delegates/function pointers to run that payload. Those behaviors are consistent with a malicious loader/backdoor or highly suspicious runtime patching component. Even if the top-level classes appear to be a PayPal/Umbraco component, the embedded FNQY... helper implements actions that can execute arbitrary native or managed payloads, modify process memory, and bypass normal application boundaries. I assess this as dangerous: do not trust or use this package without a full provenance and dynamic analysis and, if found in your dependency tree, consider removing it and treating it as a potential compromise.

The code exhibits several security risks, particularly in how it handles sensitive user data and communicates with external services. It should be refactored to improve security practices, such as encrypting sensitive data and avoiding untrusted external connections.

Live on npm for 2 minutes before removal. Socket users were protected even while the package was live.

This file hides a payload (large byte array) and executes it at runtime after XOR-decoding with a hard-coded key. That is a high-risk, suspicious pattern (obfuscated code + exec of decoded bytes). Even though the file itself uses only internal constants (no network reads), the runtime exec of hidden code can perform any action (exfiltrate, spawn shells, modify files, etc.). Treat this as malicious or at minimum extremely dangerous: do not import or execute the package in production. Further static or dynamic analysis of the decoded payload should be performed in an isolated sandbox to determine its exact behavior.

This module demonstrates multiple high-risk behaviors consistent with supply-chain abuse: it embeds and writes PyPI credentials, automates probing and uploading packages to PyPI, self-modifies its source file to persist metadata, executes many shell commands with unsanitized inputs (command injection risk), and includes a post-install hook that suspends the parent process and writes local runtime metadata. These actions can enable unauthorized publication of artifacts, credential misuse, disruption in build systems, and local data leakage. Treat this package as malicious/untrusted: do not run it in build or CI environments, remove any artifacts it published, rotate exposed credentials, and perform forensic review of systems where it executed.

This module contains explicit malicious and abusive capabilities (keylogger that stores keystrokes to disk, SMS bomber, DDoS-style thread spawner, port scanner, and file encryption utilities) and also executes environment-modifying commands (pip installs). It should be treated as high-risk and potentially malicious. Do not run this code on any system you care about; remove it from supply chains and investigate origin/distribution. If encountered in a dependency, block and audit repositories and build artifacts.

The code demonstrates high-risk behavior: heavy obfuscation, dynamic remote payload loading, ZIP-based delivery, and runtime code execution. While certain imports could be legitimate in a complex tool, the combined pattern indicates a strong potential for backdoor, dropper, or supply-chain abuse. Treat as dangerous and isolate in a secure, sandboxed environment with provenance verification and integrity checks before any consideration of inclusion in public-facing or distribution-level code.

This module intentionally supports executing user-defined Python 'powers' by assembling source from a repository and running it with exec(). That behavior is high-risk: it allows arbitrary code execution if stored powers or runtime parameters are attacker-controlled or if clients lacking proper authorization can trigger execution. There are no sandboxing or input authorization measures evident in this fragment. No clear signs of intentionally malicious code embedded here (no obfuscation, no hardcoded exfiltration endpoints), but the design enables trivial supply-chain or runtime code-execution attacks if repository contents or client inputs are compromised. Recommend adding authentication/authorization checks, validating/sandboxing stored power code, restricting accessible builtins/environment for exec, and auditing repository integrity before use.

The code exhibits clear signs of malicious behavior involving data theft and exfiltration. It encodes and sends sensitive system and user data to a suspicious domain via both DNS queries and HTTPS POST requests.

Live on npm for 59 minutes before removal. Socket users were protected even while the package was live.

This module implements a command-and-control agent: it establishes a Tor connection to a hardcoded .onion C2, downloads a payload, writes it to a temporary file, sets it executable, and runs it — all without validation — and provides a POST endpoint for C2 communication. These are canonical backdoor behaviors (remote code execution, persistence, and concealed C2). Treat the code as malicious: do not execute, block the domain, and investigate any systems where this package or its parent repository was installed or run.

This file gathers sensitive system details (hostname, home directory, OS version, CPU data) and transmits them to hxxps://api-track[.]example[.]com/monitor-service/upload-package-info and hxxp://npm[.]example[.]com/ without user consent. It also modifies files in node_modules, which can lead to unauthorized changes or security risks. These behaviors demonstrate malicious intent and pose a significant threat to privacy and system integrity.

The code primarily imports several unknown or suspicious modules and calls an undefined function 'functame' on each of them. Without further information on these modules or the 'functame' method, it is difficult to ascertain the full intent or impact of this code. The unusual naming and the lack of transparency increase the suspicion of potentially malicious activity. Further analysis of the external modules is necessary to make a more informed conclusion.

Live on npm for 56 days, 8 hours and 1 minute before removal. Socket users were protected even while the package was live.

This code performs operations that overwrite and copy files into node_modules/electron-remote-control and executes platform-specific scripts. That pattern is consistent with supply-chain tampering: replacing or injecting code into an installed dependency and executing scripts that have access to the process environment. This can enable persistence, backdoors, credential exposure, and arbitrary code execution. Treat this module as high risk and audit the full package and the referenced scripts and copied files before using. If encountered in an install or postinstall script, consider blocking it and restoring a clean dependency tree.

[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]

The code is collecting and sending sensitive system information to a potentially malicious domain without user consent. This behavior is indicative of malware and poses a significant security risk.

Live on npm for 73 days, 1 hour and 48 minutes before removal. Socket users were protected even while the package was live.

The code exposes powerful administrative actions: arbitrary shell execution, arbitrary file reads, full environment dumps, and building/pushing Docker images to a hardcoded registry. These are not obfuscated but are high-risk capabilities that can be abused for data exfiltration, remote code execution, and supply-chain leakage if the superuser authentication is compromised or misconfigured. The presence of a hardcoded remote image name for docker push is suspicious for unintended outbound artifact exfiltration. Recommendation: avoid including these endpoints in public packages or ensure strict, auditable authentication and input validation; remove hardcoded push targets and avoid returning full environment variables or arbitrary file contents.

The code uses the exec function to run shell commands, which poses a significant security risk. It could potentially execute malicious code if the input to exec is manipulated. Redirecting output to /dev/null to hide execution details is suspicious.

Live on npm for 45 minutes before removal. Socket users were protected even while the package was live.

[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]

This script is a straightforward Slowloris DoS tool: its functionality is to open many persistent HTTP(S) connections and keep them half-open by periodically sending header lines, exhausting server connection resources. The code contains no signs of data exfiltration, hidden backdoors, or obfuscation, but it explicitly enables malicious activity (denial-of-service) and includes a proxy option to mask origin. Do not run this tool against systems you do not own or have explicit authorization to test. Also note a minor bug in the User-Agent list (missing comma) and the global monkey-patch of socket.socket when using a proxy which can affect other code in the same process.

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

This file performs clear and immediate data exfiltration: it gathers local environment and package metadata (including potentially sensitive package.json contents) and POSTs it to a hard-coded external domain when the module is loaded. The behavior is covert (silent error handling, no opt-out) and constitutes a supply-chain/privacy compromise. Treat packages containing this code as malicious or compromised; remove or disable the code, rotate any secrets that may have been exposed in package.json or environment, and investigate the package's provenance and recent updates.

Live on npm for 37 minutes before removal. Socket users were protected even while the package was live.

The code contains hard-coded credentials and sensitive information, posing a potential security risk if not handled properly. It does not exhibit explicit malicious behavior, but it poses a security risk due to the hard-coded sensitive information.

Live on npm for 1 day, 3 hours and 26 minutes before removal. Socket users were protected even while the package was live.

This package will execute preinstall.js automatically during npm install. That file can perform any action (download and run remote code, modify files, add git hooks, exfiltrate data, open a reverse shell, etc.). The repository name containing "worm" and the low-quality metadata increase suspicion. Treat this as high risk until preinstall.js is reviewed in a safe environment.

The code presents a critical remote code execution surface by loading and executing Python code from disk based on request-derived paths, combined with a runtime templating mechanism. Without strict validation, sandboxing, or code signing, this is a high-severity security risk that could enable arbitrary server compromise, data leakage, or supply-chain abuse. Recommend replacing with a safe templating engine, validating and sandboxing all filesystem access, and removing dynamic exec/compile on untrusted inputs.