
Quickly evaluate the security and health of any open source package.
@orangelogic/design-system
2.61.0-ci.2
by dev-orangelogic
Live on npm
Blocked by Socket
High security risk. The code contains an explicit mechanism to re-insert and execute <script> tags by creating new script elements (including wrapping inline code in an IIFE) and appending them to document.body. When the live-script flag is enabled, any attacker influence over markdown/DOM content that results in <script> elements can lead to direct client-side script execution (XSS/DOM-based RCE in the browser context). Network fetching from data-src further broadens the input surface via untrusted URLs for code/highlight loading.
github.com/weaveworks/weave
v1.4.2-0.20160102131740-0ee22af32d5a
Live on go
Blocked by Socket
This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.
ynpm-tool
5.10.2
by liushileijarvan
Live on npm
Blocked by Socket
The code contains a severe security risk due to fetching and executing remote code from a user-controlled source with disabled SSL verification. This enables arbitrary remote code execution and is a critical supply chain vulnerability. The code should not be used in production without strong validation, integrity checks, and secure TLS enforcement.
johnsnowlabs-by-ckl
5.1.7rc7
Live on pypi
Blocked by Socket
This module is a high-risk utility because it fetches Python code from remote URLs and local markdown files and executes that code directly via execute_py_script_string_as_new_proc without validation or sandboxing. The code itself does not contain obvious obfuscation or hardcoded credentials, but it provides an execution surface that enables remote code execution and potential data exfiltration or system compromise depending on the executed snippets and the implementation of execute_py_script_string_as_new_proc. Treat calls that use remote URLs or untrusted markdown as dangerous. Use only with trusted content or add validation/sandboxing (e.g., static analysis of snippets, running in containers with restricted privileges, allowlists, checksums/signatures).
aabquerys
1.0.1
by cq0km9hu
Removed from npm
Blocked by Socket
The code has significant obfuscation and contains several security red flags such as dynamic function creation, potential HTML injection, and console manipulation. These could be used for malicious purposes like tracking, data theft, or unauthorized actions. The intent of some parts of the code is unclear due to obfuscation.
Live on npm for 1 hour and 21 minutes before removal. Socket users were protected even while the package was live.
@opengis/fastify-auth
1.1.0
by setebosu
Live on npm
Blocked by Socket
The code contains a clear backdoor: admin/admin credentials trigger an undocumented password reset to a fixed value, creating unauthorized access risk. The password hashing approach relies on MD5 with salt and an apache-crypt step, which does not meet modern password hashing standards. Additionally, on successful login, the function returns the full user object, potentially leaking sensitive data. While parameterized queries mitigate SQL injection, the combination of backdoor, weak crypto, and data exposure constitutes a significant security risk and supply chain concern. Overall, the code is highly risky and requires immediate remediation, including removing the backdoor, replacing the hashing scheme with a proven algorithm (Argon2/Bcrypt), and limiting data exposure.
sendbird-visual-test
11002.0.1
by z3i
Live on npm
Blocked by Socket
This code actively enumerates sensitive filesystem locations and exfiltrates their directory listings to a hardcoded external webhook. It behaves like a supply-chain backdoor or malicious telemetry collector. Do not run this code in production or on sensitive hosts. Block network egress to the indicated domain, remove the package, and investigate systems where this code executed.
keli
1.4.1
by vikiboss
Live on npm
Blocked by Socket
The fragment is highly obfuscated and leverages dynamic module loading, payload decryption/assembly, and a deceptive export getter to obscure its true behavior. While explicit actions are not visible in isolation, the combination strongly indicates a potential loader/backdoor mechanism aimed at covert execution or exposure of hidden functionality upon import. Treat as high-risk in supply-chain reviews and perform thorough deobfuscation, dependency resolution, and dynamic analysis in a controlled environment before trusting or distributing.
cylab-be/webshell-detector
dev-include_wowa_training
Live on composer
Blocked by Socket
This file is a malicious web shell/backdoor. It intentionally provides remote command execution, arbitrary PHP evaluation, file management (read/write/delete/upload/download) and remote fetching — all without sanitization or authorization controls. It should be treated as high-risk malware; remove it, investigate scope of compromise, and restore systems from a trusted backup. Rotate credentials that may have been exposed and audit other files for additional backdoors.
miz-59
1.20.20
by miz59
Live on npm
Blocked by Socket
This code implements a supply chain attack by modifying the parent project's package.json file without authorization through path traversal (../../). It injects a suspicious 'miz' script that creates a complex execution chain involving postinstall.js and eazymizy.js files, establishing a persistent backdoor mechanism. The code adds dependencies with intentional mismatches between declared packages ('fs') and actually installed packages ('fa'), uses exec() to automatically run npm install commands without user consent, and employs obfuscated naming patterns. The modification creates persistent hooks in the host project that allow execution of arbitrary code from the malicious package, following classic supply chain attack patterns designed to compromise downstream projects.
teststjuctfsol3
1.0.10
by terulei
Live on npm
Blocked by Socket
This file contains an explicit inline XSS payload: it displays an alert and exfiltrates document.cookie to a hard-coded external webhook.site URL via an image request. This is a high-severity supply-chain/stored-XSS compromise for any environment that serves this asset to users. Remediation: remove the inline script immediately, audit repository and CI/publish pipelines for when/why this was introduced, search other assets for similar injections, rotate any potentially exposed session tokens/credentials, ensure authentication cookies are HttpOnly/Secure, and apply integrity protection and review processes for static assets (e.g., SRI, code signing, commit protection).
dcrdex-assets
1.0.1
Removed from npm
Blocked by Socket
The code exhibits clear malicious behavior by collecting extensive system information and sending it to a remote server without user consent. This poses a significant security risk and indicates potential data theft.
Live on npm for 5 minutes before removal. Socket users were protected even while the package was live.
github-badge-bot
1.6.6
Live on npm
Blocked by Socket
The code logs into Discord accounts using provided tokens, enumerates guilds, obtains or creates persistent invite links, and sends those links to an external Telegram endpoint. This is a privacy-invasive behavior that can be used to exfiltrate server invite links and server names. The code is readable and not obfuscated, but its behavior is consistent with abusive or malicious use (harvesting and sharing guild invites). Recommend treating this module as high risk for misuse; inspect sendInviteToTelegram implementation and validate intent/consent before use. If tokens are not owned/authorized, do not run this code.
github.com/weaveworks/weave
v1.8.2-0.20161205161215-b4a43f1b85a3
Live on go
Blocked by Socket
This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.
cachegpt-cli
6.0.0
by fender21
Live on npm
Blocked by Socket
This code is performing intentional credential harvesting. This is well documented in the readme as the code's intended purpose. It spawns an Electron browser, waits for the user to authenticate to claude.ai, reads the session/auth cookie from the browser session, and prints it so the parent process can capture and return it. That is sensitive data exfiltration and should be considered malicious in most contexts. Using this module allows the caller to obtain users' session cookies (session hijacking). The runtime installation and execution of Electron compounds supply-chain risk. Avoid running or installing this code unless you fully trust its purpose and the environment; do not use in production or on systems with user accounts you do not control.
youshow.ace.redis
9.0.1
by Ace
Live on nuget
Blocked by Socket
This assembly contains a strongly suspicious and likely malicious obfuscated loader/backdoor co-located with legitimate Redis wrapper types. The obfuscated component reads embedded resources or files, decrypts/decodes them, allocates executable memory, writes into process memory (and can write into other processes or /proc/self/mem), patches runtime pointers and invokes code — an end-to-end injection/execution pattern. Treat this package as compromised and high risk; do not use it in production, and perform incident response and binary-level analysis of the embedded resources and the decrypted payloads.
ss-component-new
1.3.78
by hjjsuperabc
Live on npm
Blocked by Socket
This component contains high-risk behavior: it transmits hardcoded privileged credentials to a raw IP address and stores returned tokens in client-side sessionStorage, combined with silent background authentication and error masking. These are strong indicators of a potential backdoor or severe misconfiguration in the supply chain. Immediate actions: block or investigate network calls to the IP, remove or parameterize hardcoded credentials, audit related functions (oe, ne, K.*), and treat tokens persisted in sessionStorage as sensitive. Do not trust this package in production until a full provenance and network-behavior audit completes.
youqu-playbook
2025.1.7
Live on pypi
Blocked by Socket
This file uses os.system to run several destructive and security-weakening commands without user consent: it deletes Pipfile in both current and home directories (rm -rf ./Pipfile; rm -rf ~/Pipfile), removes the project virtual environment (rm -rf .venv) and the SSH known_hosts file (rm -rf ~/.ssh/known_hosts), then reads and modifies /etc/ssh/ssh_config to disable StrictHostKeyChecking. All privileged operations are performed by piping a plaintext password (from config.PASSWORD) into sudo via echo '<PASSWORD>' | sudo -S. These actions can cause irreversible data loss, strip SSH host authenticity checks, and expose the system to man-in-the-middle attacks.
@esvndev/es-react-config-setting
1.0.108
by esvndev
Live on npm
Blocked by Socket
This code contains an explicit remote-script-execution pathway: it periodically fetches configuration and will execute data.script using new Function(). That is a high-risk pattern (remote arbitrary code execution in each client). If the remote config source (GetSettingConfigClient) or the environment that provides data.script is compromised, attackers can run any JavaScript in users' browsers, exfiltrate data, manipulate the DOM, persist payloads in localStorage, etc. Recommendation: treat this as a dangerous backdoor unless you can guarantee the remote config source is fully trusted and protected (cryptographic signing, whitelisting, strict origin checks). Remove or harden dynamic script execution (avoid new Function / eval, require signed scripts, or restrict functionality).
n9router
0.3.87
by nightwalker89
Live on npm
Blocked by Socket
This module is a high-risk MITM/proxy component that captures and optionally persists full request bodies and implements a “token swap” routing mechanism that forwards traffic using alternate upstream connections/accounts. Even without seeing the broader repository, the present snippet strongly suggests capability for sensitive data exposure (via saveRequestLog and logging) and for unauthorized rerouting/credential-policy manipulation (via tokenSwapForward). Review is urgently recommended for upstream targets, token/account handling, and data retention/redaction controls.
routerxpl
0.6.3
Live on pypi
Blocked by Socket
This module is highly security-relevant: it deterministically derives and prints backdoor telnet credentials (username '__super' and a MAC-derived password) for Accton-based switches. While the snippet does not perform network exploitation or data exfiltration by itself, it provides a concrete credential-generation capability that materially enables unauthorized access when integrated into the surrounding exploitation framework.
open-agents-ai
0.187.374
by robit
Live on npm
Blocked by Socket
The install-time scripts execute packaged Node.js code that (per documentation) will auto-install and auto-start a background daemon, create local services, auto-install additional system/Python packages, and enable P2P/network features. This is a significant supply-chain and post-installation risk: running the install invokes unreviewed JS with the ability to modify the system, open network endpoints, spawn persistent processes, and install further components. If you cannot audit dist/preinstall.cjs and dist/postinstall-daemon.cjs, do not run npm install globally or with elevated privileges. Prefer auditing the install scripts, running installs in isolated environments (containers/VMs), or using OA_SKIP_DAEMON_INSTALL=1 and inspecting what the scripts would do.
genz-translator
9025.0.1
Removed from pypi
Blocked by Socket
This script is high risk. It performs destructive operations (pip uninstall, rm -r, mv) driven by filesystem-derived values and uses os.system with unsanitized string concatenation, creating both accidental-damage and command-injection risks. The presence of cleartext credentials in INTERNAL_REPO_URL is a severe supply-chain and credential-leak issue. There is no evidence here of network exfiltration or an active backdoor, but the combination of hardcoded credentials and destructive behavior makes this unsuitable for inclusion in distributed packages. Recommendations: remove embedded credentials and rotate them if they were ever used; avoid running this script in production; replace shell invocations with safe Python APIs and subprocess calls using argument lists; validate and canonicalize paths; require explicit user confirmation before destructive actions; add robust error handling and logging. Do not trust or execute this file until these mitigations are applied.
Live on pypi for 9 hours and 32 minutes before removal. Socket users were protected even while the package was live.
pwm-components
10.0.2
by azix058
Live on npm
Blocked by Socket
This install script performs covert data exfiltration by sending the system's uname output and the current working directory to an external server. This constitutes high-risk telemetry/leak behavior and may be used for reconnaissance or to confirm successful compromise. Treat as malicious and block/remove the package until further investigation.
Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.
Possible typosquat attack
Known malware
Git dependency
GitHub dependency
HTTP dependency
Obfuscated code
Suspicious Stars on GitHub
Telemetry
Protestware or potentially unwanted behavior
Unstable ownership
Critical CVE
High CVE
Medium CVE
Low CVE
Unpopular package
Minified code
Bad dependency semver
Wildcard dependency
Socket optimized override available
Deprecated
Unmaintained
Explicitly Unlicensed Item
License Policy Violation
Misc. License Issues
Ambiguous License Classifier
Copyleft License
License exception
No License Found
Non-permissive License
Unidentified License
Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.
Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Nat Friedman
CEO at GitHub

Suz Hinton
Senior Software Engineer at Stripe
heck yes this is awesome!!! Congrats team 🎉👏

Matteo Collina
Node.js maintainer, Fastify lead maintainer
So awesome to see @SocketSecurity launch with a fresh approach! Excited to have supported the team from the early days.

DC Posch
Director of Technology at AppFolio, CTO at Dynasty
This is going to be super important, especially for crypto projects where a compromised dependency results in stolen user assets.

Luis Naranjo
Software Engineer at Microsoft
If software supply chain attacks through npm don't scare the shit out of you, you're not paying close enough attention.
@SocketSecurity sounds like an awesome product. I'll be using socket.dev instead of npmjs.org to browse npm packages going forward

Elena Nadolinski
Founder and CEO at Iron Fish
Huge congrats to @SocketSecurity! 🙌
Literally the only product that proactively detects signs of JS compromised packages.

Joe Previte
Engineering Team Lead at Coder
Congrats to @feross and the @SocketSecurity team on their seed funding! 🚀 It's been a big help for us at @CoderHQ and we appreciate what y'all are doing!

Josh Goldberg
Staff Developer at Codecademy
This is such a great idea & looks fantastic, congrats & good luck @feross + team!
The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Scott Roberts
CISO at UiPath
As a happy Socket customer, I've been impressed with how quickly they are adding value to the product, this move is a great step!

Yan Zhu
Head of Security at Brave, DEFCON, EFF, W3C
glad to hear some of the smartest people i know are working on (npm, etc.) supply chain security finally :). @SocketSecurity

Andrew Peterson
CEO and Co-Founder at Signal Sciences (acq. Fastly)
How do you track the validity of open source software libraries as they get updated? You're prob not. Check out @SocketSecurity and the updated tooling they launched.
Supply chain is a cluster in security as we all know and the tools from Socket are "duh" type tools to be implementing. Check them out and follow Feross Aboukhadijeh to see more updates coming from them in the future.

Zbyszek Tenerowicz
Senior Security Engineer at ConsenSys
socket.dev is getting more appealing by the hour

Devdatta Akhawe
Head of Security at Figma
The @SocketSecurity team is on fire! Amazing progress and I am excited to see where they go next.

Sebastian Bensusan
Engineer Manager at Stripe
I find it surprising that we don't have _more_ supply chain attacks in software:
Imagine your airplane (the code running) was assembled (deployed) daily, with parts (dependencies) from internet strangers. How long until you get a bad part?
Excited for Socket to prevent this

Adam Baldwin
VP of Security at npm, Red Team at Auth0/Okta
Congrats to everyone at @SocketSecurity ❤️🤘🏻

Nico Waisman
CISO at Lyft
This is an area that I have personally been very focused on. As Nat Friedman said in the 2019 GitHub Universe keynote, Open Source won, and every time you add a new open source project you rely on someone else's code and you rely on the people that build it.
This is both exciting and problematic. You are bringing real risk into your organization, and I'm excited to see progress in the industry from OpenSSF scorecards and package analyzers to the company that Feross Aboukhadijeh is building!
Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.
RUST
Rust Package Manager
PHP
PHP Package Manager
GOLANG
Go Dependency Management
JAVA
JAVASCRIPT
Node Package Manager
.NET
.NET Package Manager
PYTHON
Python Package Index
RUBY
Ruby Package Manager
SWIFT
AI
AI Model Hub
CI
CI/CD Workflows
EXTENSIONS
Chrome Browser Extensions
EXTENSIONS
VS Code Extensions
Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.
Nov 23, 2025
Shai Hulud v2
Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.
Nov 05, 2025
Elves on npm
A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.
Jul 04, 2025
RubyGems Automation-Tool Infostealer
Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.
Mar 13, 2025
North Korea's Contagious Interview Campaign
Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.
Jul 23, 2024
Network Reconnaissance Campaign
A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Research
/Security News
Bitwarden CLI 2026.4.0 was compromised in the Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.

Research
/Security News
Docker and Socket have uncovered malicious Checkmarx KICS images and suspicious code extension releases in a broader supply chain compromise.