Secure your dependencies. Ship with confidence.

This module is highly suspicious and consistent with malicious behavior. It performs high-impact system tampering by symlinking /bin/bash and the dynamic loader path, then waits for an X session and launches multiple GUI components including a terminal. The symlink actions strongly indicate persistence/shell interception or runtime manipulation rather than legitimate application logic.

This module contains explicit data-exfiltration behavior: it collects workspace files and notebook code and sends them to a hardcoded external server (berriserverv2.krrishdholakia.repl.co) and also tracks telemetry to Mixpanel using a hardcoded token. It executes user notebook code via exec(), and attempts dynamic package installation — both of which are dangerous when handling untrusted notebooks. Because files and user_email are uploaded to a third-party endpoint, this is a significant privacy and supply-chain risk. I recommend not using this package in environments containing secrets or sensitive data. If you must use it, audit the destination server and the operator, and run in an isolated environment with no credentials present.

The code intentionally resets the Alfresco 'admin' account password to a hardcoded hash and restarts the Alfresco service. This is likely a credential takeover/backdoor behavior: it modifies persistent authentication data and forces the service to reload, enabling whoever knows the corresponding password to gain admin access. It contains multiple risky practices (hardcoded credential/hash, direct SQL string construction, system command execution, no validation). Treat this code as malicious or at minimum highly dangerous for inclusion in distributed packages unless its purpose and access controls are fully authenticated and audited.

This module is a purpose-built destructive utility: given a user-supplied directory, it enumerates all files ending in .zip and corrupts them by truncating them to half their size and appending deterministic junk data. The absence of safeguards (dry-run/confirmation/allowlists) and the deliberate sabotage operations make this strongly indicative of malicious intent within a supply-chain context, even though it does not show typical malware capabilities like networking or data exfiltration.

This source file implements a hostile C2 HTTP transport (Sliver implant client). It will connect to remote servers, establish encrypted sessions, poll for commands, and send arbitrary data — behavior consistent with malware. Notable security weaknesses: TLS verification disabled at transport level, insecure RNG for URL path selection, cookie jar ignoring origin scoping, and potential leakage via debug logging. Treat as malicious; do not include in benign supply chains.

The code exhibits suspicious and potentially malicious behavior by exfiltrating source map files to a remote server using hardcoded credentials and deleting local copies. This poses a significant supply chain security risk, including privacy violations and loss of local debugging data. While not classic malware, the data exfiltration and file tampering warrant a high security risk and malware suspicion rating. The code is not obfuscated and is clearly written, but the embedded credentials and unauthorized data upload represent a serious threat.

[Skill Scanner] Pipe-to-shell or eval pattern detected (AITech 9.1.4) [CI013]

This JavaScript file harvests local system information—including OS hostname, environment username, current working directory, platform, Node.js version, and timestamp—and immediately exfiltrates it to a hard-coded external server tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun via three parallel channels: 1) an HTTP GET to http://tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun/get with base64-encoded h (hostname), u (user), and p (pwd) parameters; 2) an HTTP POST to http://tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun/post sending the full JSON payload; and 3) a DNS lookup on a subdomain composed of truncated base64-encoded user and hostname under tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun. All errors and network callbacks are silently swallowed, there is no user consent or opt-out, and the redundant transports ensure data leaves the host even if some channels are blocked.

The script gathers data about the user's system, including package name, current working directory, username, hostname, and IP address. This data is then encoded and sent as DNS queries to a remote server.

Live on npm for 3 days, 10 hours and 11 minutes before removal. Socket users were protected even while the package was live.

The code is performing malicious activities by sending environment variables to a remote server and obfuscating parts of the code. This poses a high security risk due to potential exposure of sensitive information.

Live on npm for 1 hour and 53 minutes before removal. Socket users were protected even while the package was live.

The code contains several security risks, including uninitialized variables, hardcoded credentials, and the potential for unauthorized access through SSH. Proper validation and error handling are lacking, which could lead to exploitation. The overall risk and malware scores reflect these concerns.

Live on pypi for 117 days, 8 hours and 24 minutes before removal. Socket users were protected even while the package was live.

The code exhibits several security risks, particularly in the sendEmail function which could lead to data exfiltration. The presence of hardcoded values and lack of input validation raises concerns about potential malicious behavior. Overall, the code should be reviewed and modified to mitigate these risks.

Live on pypi for 49 minutes before removal. Socket users were protected even while the package was live.

This module performs MNDP-based discovery of MikroTik-like devices on a local segment and then attempts MAC-Telnet-style authentication over TCP port 20561 using a caller-supplied username/password wordlist, effectively enabling credential brute-forcing. It also logs and returns successful plaintext credentials, creating significant confidentiality risk. While there is no evidence of obfuscation, persistence, or command execution in this fragment, the intended behavior is offensively oriented and should be treated as a serious security risk.

The code exhibits behavior consistent with malicious activity, specifically data exfiltration to suspicious domains. It collects and sends sensitive system information without user consent, indicating a high security risk.

Live on npm for 2 days, 20 hours and 3 minutes before removal. Socket users were protected even while the package was live.

This module itself does not contain obvious obfuscated malware (no encoded payloads, hardcoded secrets, network exfiltration code). However it provides powerful primitives (subprocess with shell=True, ability to change directories, write files and open OS terminals) that allow arbitrary code execution and file modification when given untrusted inputs (steps_json, user inputs, or compromised upstream agents). Therefore the package is high-risk in supply-chain contexts: if an upstream component or dependency is malicious, this code can be used to execute arbitrary commands on the host. Use only with trusted inputs and add sanitization and restrictions before use.

Live on pypi for 5 days, 7 hours and 42 minutes before removal. Socket users were protected even while the package was live.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

This module is a clearly offensive web vulnerability recon/probing tool. It crawls a user-specified target, extracts candidate API endpoints from discovered JavaScript, and then actively sends explicit SQL injection and reflected XSS payloads to those endpoints, with additional admin/config heuristic probing. It also records and writes reconnaissance results (endpoints and evidence) to disk. While it does not show direct exfiltration or persistence mechanisms in this snippet, its core functionality is inherently adversarial and should be treated as a high supply-chain security risk if included as a dependency or executed implicitly.

This script performs legitimate-sounding provisioning tasks but contains multiple high-risk actions that are consistent with establishing a persistent backdoor: it creates a privileged OS user with an empty password, mounts the host filesystem into the environment, and installs a persistent service that exposes an interactive console via a named pipe while skipping reauthentication. Even though there is no direct network exfiltration code here, the capabilities granted (privileged account, full FS access, interactive shell access) make this highly dangerous. Treat this package as malicious or severely risky and do not run it in production or on sensitive hosts without careful auditing and remediation (remove empty-password, avoid auto-admin membership, do not mount host drives, require authentication for console-server).

This module contains clear functionality to conduct network attacks: command-injection-prone ping(), a threaded HTTP request flooder (Attack), and a UDP packet flooder (Ddos). It should be considered malicious or at minimum a dangerous tool for denial-of-service; do not include or run this package in benign or production environments. Review and removal are strongly recommended unless the repository's explicit, legitimate use-case and safeguards are proven.

This module contains multiple security issues and at least one explicit indication of malicious intent. The error handler reflects util.inspect(err) into HTML responses (information disclosure and possible XSS) and interpolates authenticationUrl without validation. Most notably, the loginSuccess() page contains the text 'Sucessfully grabbed credentials!', which is a clear red flag — it strongly suggests the page is intended to display harvested credentials or confirm credential theft. Even if other parts are benign, the presence of that message plus unsafe leak of inspected error objects to clients makes this package unsafe to use. Recommend not using this code in production, auditing the repository for credential-harvesting behavior, removing util.inspect() from client responses, and validating/escaping any interpolated URLs and strings.

The dominant security concern is the explicit use of eval on data-derived JSON within CarbonPHP.handlebars, which can enable arbitrary code execution if data is attacker-controlled. Additional concerns include unsanitized dynamic script/template loading and a busy-wait sleep that can degrade performance and potentially expose timing information. Overall risk is high due to the eval pattern and dynamic content loading without strong sanitization.

The code is exfiltrating sensitive system information to a potentially malicious domain, indicating a high risk of malicious behavior.

Live on npm for 20 hours and 32 minutes before removal. Socket users were protected even while the package was live.

This file is offensive/exploit tooling: it performs automated reconnaissance, crafts and sends SQLi and PHP eval payloads against Joomla sites, extracts credentials/session data, and attempts to install a PHP webshell for persistence. Those behaviors constitute malicious activity (unauthorized access, credential theft, backdoor installation). Treat this code as malicious/exploitative; do not include it in trusted dependencies or run it on networks you do not own/authorize. The snippet contains some syntactic errors suggesting a truncated copy, but intent and many operational parts are explicit.

The source code exhibits behavior consistent with data exfiltration malware. It collects sensitive system information and sends it to external endpoints without user consent, posing a significant security risk.

Live on npm for 3 days, 12 hours and 19 minutes before removal. Socket users were protected even while the package was live.

This module is highly suspicious and consistent with malicious behavior. It performs high-impact system tampering by symlinking /bin/bash and the dynamic loader path, then waits for an X session and launches multiple GUI components including a terminal. The symlink actions strongly indicate persistence/shell interception or runtime manipulation rather than legitimate application logic.

This module contains explicit data-exfiltration behavior: it collects workspace files and notebook code and sends them to a hardcoded external server (berriserverv2.krrishdholakia.repl.co) and also tracks telemetry to Mixpanel using a hardcoded token. It executes user notebook code via exec(), and attempts dynamic package installation — both of which are dangerous when handling untrusted notebooks. Because files and user_email are uploaded to a third-party endpoint, this is a significant privacy and supply-chain risk. I recommend not using this package in environments containing secrets or sensitive data. If you must use it, audit the destination server and the operator, and run in an isolated environment with no credentials present.

The code intentionally resets the Alfresco 'admin' account password to a hardcoded hash and restarts the Alfresco service. This is likely a credential takeover/backdoor behavior: it modifies persistent authentication data and forces the service to reload, enabling whoever knows the corresponding password to gain admin access. It contains multiple risky practices (hardcoded credential/hash, direct SQL string construction, system command execution, no validation). Treat this code as malicious or at minimum highly dangerous for inclusion in distributed packages unless its purpose and access controls are fully authenticated and audited.

This module is a purpose-built destructive utility: given a user-supplied directory, it enumerates all files ending in .zip and corrupts them by truncating them to half their size and appending deterministic junk data. The absence of safeguards (dry-run/confirmation/allowlists) and the deliberate sabotage operations make this strongly indicative of malicious intent within a supply-chain context, even though it does not show typical malware capabilities like networking or data exfiltration.

This source file implements a hostile C2 HTTP transport (Sliver implant client). It will connect to remote servers, establish encrypted sessions, poll for commands, and send arbitrary data — behavior consistent with malware. Notable security weaknesses: TLS verification disabled at transport level, insecure RNG for URL path selection, cookie jar ignoring origin scoping, and potential leakage via debug logging. Treat as malicious; do not include in benign supply chains.

The code exhibits suspicious and potentially malicious behavior by exfiltrating source map files to a remote server using hardcoded credentials and deleting local copies. This poses a significant supply chain security risk, including privacy violations and loss of local debugging data. While not classic malware, the data exfiltration and file tampering warrant a high security risk and malware suspicion rating. The code is not obfuscated and is clearly written, but the embedded credentials and unauthorized data upload represent a serious threat.

[Skill Scanner] Pipe-to-shell or eval pattern detected (AITech 9.1.4) [CI013]

This JavaScript file harvests local system information—including OS hostname, environment username, current working directory, platform, Node.js version, and timestamp—and immediately exfiltrates it to a hard-coded external server tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun via three parallel channels: 1) an HTTP GET to http://tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun/get with base64-encoded h (hostname), u (user), and p (pwd) parameters; 2) an HTTP POST to http://tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun/post sending the full JSON payload; and 3) a DNS lookup on a subdomain composed of truncated base64-encoded user and hostname under tergeiiqpuqpgzsencajoqbb38f415y0z[.]oast[.]fun. All errors and network callbacks are silently swallowed, there is no user consent or opt-out, and the redundant transports ensure data leaves the host even if some channels are blocked.

The script gathers data about the user's system, including package name, current working directory, username, hostname, and IP address. This data is then encoded and sent as DNS queries to a remote server.

Live on npm for 3 days, 10 hours and 11 minutes before removal. Socket users were protected even while the package was live.

The code is performing malicious activities by sending environment variables to a remote server and obfuscating parts of the code. This poses a high security risk due to potential exposure of sensitive information.

Live on npm for 1 hour and 53 minutes before removal. Socket users were protected even while the package was live.

The code contains several security risks, including uninitialized variables, hardcoded credentials, and the potential for unauthorized access through SSH. Proper validation and error handling are lacking, which could lead to exploitation. The overall risk and malware scores reflect these concerns.

Live on pypi for 117 days, 8 hours and 24 minutes before removal. Socket users were protected even while the package was live.

The code exhibits several security risks, particularly in the sendEmail function which could lead to data exfiltration. The presence of hardcoded values and lack of input validation raises concerns about potential malicious behavior. Overall, the code should be reviewed and modified to mitigate these risks.

Live on pypi for 49 minutes before removal. Socket users were protected even while the package was live.

This module performs MNDP-based discovery of MikroTik-like devices on a local segment and then attempts MAC-Telnet-style authentication over TCP port 20561 using a caller-supplied username/password wordlist, effectively enabling credential brute-forcing. It also logs and returns successful plaintext credentials, creating significant confidentiality risk. While there is no evidence of obfuscation, persistence, or command execution in this fragment, the intended behavior is offensively oriented and should be treated as a serious security risk.

The code exhibits behavior consistent with malicious activity, specifically data exfiltration to suspicious domains. It collects and sends sensitive system information without user consent, indicating a high security risk.

Live on npm for 2 days, 20 hours and 3 minutes before removal. Socket users were protected even while the package was live.

This module itself does not contain obvious obfuscated malware (no encoded payloads, hardcoded secrets, network exfiltration code). However it provides powerful primitives (subprocess with shell=True, ability to change directories, write files and open OS terminals) that allow arbitrary code execution and file modification when given untrusted inputs (steps_json, user inputs, or compromised upstream agents). Therefore the package is high-risk in supply-chain contexts: if an upstream component or dependency is malicious, this code can be used to execute arbitrary commands on the host. Use only with trusted inputs and add sanitization and restrictions before use.

Live on pypi for 5 days, 7 hours and 42 minutes before removal. Socket users were protected even while the package was live.

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

This module is a clearly offensive web vulnerability recon/probing tool. It crawls a user-specified target, extracts candidate API endpoints from discovered JavaScript, and then actively sends explicit SQL injection and reflected XSS payloads to those endpoints, with additional admin/config heuristic probing. It also records and writes reconnaissance results (endpoints and evidence) to disk. While it does not show direct exfiltration or persistence mechanisms in this snippet, its core functionality is inherently adversarial and should be treated as a high supply-chain security risk if included as a dependency or executed implicitly.

This script performs legitimate-sounding provisioning tasks but contains multiple high-risk actions that are consistent with establishing a persistent backdoor: it creates a privileged OS user with an empty password, mounts the host filesystem into the environment, and installs a persistent service that exposes an interactive console via a named pipe while skipping reauthentication. Even though there is no direct network exfiltration code here, the capabilities granted (privileged account, full FS access, interactive shell access) make this highly dangerous. Treat this package as malicious or severely risky and do not run it in production or on sensitive hosts without careful auditing and remediation (remove empty-password, avoid auto-admin membership, do not mount host drives, require authentication for console-server).

This module contains clear functionality to conduct network attacks: command-injection-prone ping(), a threaded HTTP request flooder (Attack), and a UDP packet flooder (Ddos). It should be considered malicious or at minimum a dangerous tool for denial-of-service; do not include or run this package in benign or production environments. Review and removal are strongly recommended unless the repository's explicit, legitimate use-case and safeguards are proven.

This module contains multiple security issues and at least one explicit indication of malicious intent. The error handler reflects util.inspect(err) into HTML responses (information disclosure and possible XSS) and interpolates authenticationUrl without validation. Most notably, the loginSuccess() page contains the text 'Sucessfully grabbed credentials!', which is a clear red flag — it strongly suggests the page is intended to display harvested credentials or confirm credential theft. Even if other parts are benign, the presence of that message plus unsafe leak of inspected error objects to clients makes this package unsafe to use. Recommend not using this code in production, auditing the repository for credential-harvesting behavior, removing util.inspect() from client responses, and validating/escaping any interpolated URLs and strings.

The dominant security concern is the explicit use of eval on data-derived JSON within CarbonPHP.handlebars, which can enable arbitrary code execution if data is attacker-controlled. Additional concerns include unsanitized dynamic script/template loading and a busy-wait sleep that can degrade performance and potentially expose timing information. Overall risk is high due to the eval pattern and dynamic content loading without strong sanitization.

The code is exfiltrating sensitive system information to a potentially malicious domain, indicating a high risk of malicious behavior.

Live on npm for 20 hours and 32 minutes before removal. Socket users were protected even while the package was live.

This file is offensive/exploit tooling: it performs automated reconnaissance, crafts and sends SQLi and PHP eval payloads against Joomla sites, extracts credentials/session data, and attempts to install a PHP webshell for persistence. Those behaviors constitute malicious activity (unauthorized access, credential theft, backdoor installation). Treat this code as malicious/exploitative; do not include it in trusted dependencies or run it on networks you do not own/authorize. The snippet contains some syntactic errors suggesting a truncated copy, but intent and many operational parts are explicit.

The source code exhibits behavior consistent with data exfiltration malware. It collects sensitive system information and sends it to external endpoints without user consent, posing a significant security risk.

Live on npm for 3 days, 12 hours and 19 minutes before removal. Socket users were protected even while the package was live.