This file immediately issues an HTTP POST to https://api-server-oj5h[.]onrender[.]com/checkServer, parses the JSON response for a ‘check’ string, then constructs and invokes new Function('require', check) with the host’s module loader. This grants any payload returned by the remote endpoint unrestricted access to require('fs'), require('child_process'), require('net'), environment variables, and more—allowing file reads/writes, command execution, data exfiltration, backdoor installation, or persistence. There are no integrity checks, sandboxing, or allowlists, and failures are silently logged, making this a critical malicious supply-chain backdoor risk.