Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery: timmywil published 4.0.0

left-pad: stevemao published 1.3.0

react: react-bot published 19.2.5

We protect you from vulnerable and malicious packages

crossfetkh

1.2.0

Removed from npm

Blocked by Socket

Possible `1-step D-L dist` typosquat of [cross-fetch](https://socket.dev/npm/package/cross-fetch) Explanation: The package 'crossfetkh' is a security holding package with a name very similar to 'cross-fetch', which suggests it might be a typosquat. The description 'security holding package' is typical for packages that are placeholders to prevent typosquatting. The maintainers list includes 'npm', which is not a specific known maintainer, adding to the suspicion.

Live on npm for 2 hours and 1 minute before removal. Socket users were protected even while the package was live.

354766/clawbeacon/clawbeacon/claw-beacon/

ba4ddca26c6ce1efecbea6f6fc3dc10b8529c5ff

Live on socket

Blocked by Socket

[Skill Scanner] Pipe-to-shell or eval pattern detected All findings: [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] supply_chain: URL with free hosting platform or high-abuse TLD detected (SC007) [AITech 9.1.4] [HIGH] supply_chain: URL with free hosting platform or high-abuse TLD detected (SC007) [AITech 9.1.4] [HIGH] supply_chain: URL with free hosting platform or high-abuse TLD detected (SC007) [AITech 9.1.4] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] [HIGH] data_exfiltration: Outbound data post or form upload via curl/wget detected (NW002) [AITech 8.2.3] The Report 2 fragment provides a more structured and coherent evaluation of Claw Beacon as a setup/orchestration tool for multi-agent systems. It accurately identifies the breadth of integrations and the associated credential/security considerations. 
While the design enables powerful end-to-end automation, it also introduces significant risk around credential handling, browser-based automation, and cross-service access. To improve security posture, emphasize explicit secret-management, least-privilege scopes, explicit user consent prompts for actions affecting external services, and robust auditing of automated credential usage. LLM verification: Overall, the skill document presents a highly ambitious, multi-faceted automation framework for AI agent orchestration. The stated purpose (coordinator-driven Kanban with memory and deployment capabilities) is coherent with the content, but the footprint is disproportionately large and introduces several security concerns: broad credential exposure, potential for credential harvesting via OAuth automation, unpinned installs, and reliance on transient third-party hosting. In addition, several sup

redux-saga-help

10.3.0

by warfelbyeon95om0

Removed from npm

Blocked by Socket

The code initiates a detached child process that runs an external script (`smtp-connection/index.js`) with its I/O streams ignored. This pattern is suspicious as it can be used to execute code in the background without direct visibility or control from the parent process. While it could be for legitimate background operations, the combination of detachment, ignored I/O, and unreferencing the child process raises concerns about potential hidden malicious activity, such as data exfiltration or establishing persistent connections.

Live on npm for 7 days, 21 hours and 14 minutes before removal. Socket users were protected even while the package was live.

github.com/yaklang/yaklang

v1.2.8-0.20231027010924-ad7860bc3e96

Live on go

Blocked by Socket

WebLogic CORBA/IIOP exploitation framework containing hardcoded exploit payloads for binding/rebinding remote objects and executing remote constructor payloads. The code implements multi-stage attacks including backdoor installation capabilities through serialized Java bytecode injection. Contains embedded hex-encoded payloads targeting WebLogic internal classes (weblogic[.]corba[.]cos[.]naming[.]NamingContextAny) and CORBA naming contexts. Functionality includes remote command execution through getServerLocation method calls and JNDI manipulation attacks. While this is legitimate penetration testing code within a security framework, the presence of ready-to-use exploit payloads and backdoor installation mechanisms represents unusual patterns that security tools should flag for review.

elf-stats-mistletoe-bell-913

1.0.1

by mohamed1687

Live on npm

Blocked by Socket

This package executes local code (index.js) during installation. That behavior is a risky install-time action because the script could perform telemetry, data exfiltration, install backdoors, modify the system, or execute untrusted code. Inspect index.js before installing or running this package; treat packages with auto-generated names and automated publishing patterns as suspicious.

github.com/sourcegraph/sourcegraph

v0.0.0-20210617154251-7e6b709de6d5

Live on go

Blocked by Socket

This module is a purpose-built destructive utility: given a user-supplied directory, it enumerates all files ending in .zip and corrupts them by truncating them to half their size and appending deterministic junk data. The absence of safeguards (dry-run/confirmation/allowlists) and the deliberate sabotage operations make this strongly indicative of malicious intent within a supply-chain context, even though it does not show typical malware capabilities like networking or data exfiltration.

@xk6-dashboard-assets/view

99.99.99

by grafanapoc

Live on npm

Blocked by Socket

The install script runs a local program (index.js) at install time. This is a potentially risky behavior because the script can execute arbitrary code on the user's machine. To determine if it's malicious you must inspect the contents of index.js (look for network calls, child_process usage, file system writes/deletes, git hook modifications, telemetry/exfiltration code, or external downloads). Absent the index.js source, treat this as a moderate risk.

ryry-cli

2.94

Removed from pypi

Blocked by Socket

The module contains functionality that could be abused for data exfiltration and exposes several poor security practices: embedded static credentials (Usertoken, HMAC secret, OSS access key id), disabled TLS verification (verify=False), and arbitrary-file upload capabilities to remote endpoints. These patterns are high risk in a package distributed as a dependency because they allow a remote service (or an attacker controlling those endpoints) to receive local files and the bundled credentials. I rate the probability that this code is intentionally malicious as low-to-moderate because it reads as a client for an AIGC service; however, the inclusion of hardcoded secrets and disabled TLS are severe supply-chain security issues and make this package unsafe for sensitive environments. Recommend removing embedded credentials, enabling TLS verification, restricting uploads, and avoiding silent excepts.

Live on pypi for 52 minutes before removal. Socket users were protected even while the package was live.

semi-d2c-typings

9.3.5

by mtdev008742

Removed from npm

Blocked by Socket

The code collects and sends sensitive system information to potentially suspicious external domains without user consent, which is a significant security risk. The use of 'rejectUnauthorized: false' further exacerbates the risk by disabling SSL/TLS certificate validation.

Live on npm for 2 hours and 3 minutes before removal. Socket users were protected even while the package was live.

faker-py123123thon

999.0.0

Live on pypi

Blocked by Socket

This setup.py contains deliberate, unconditional data-collection and exfiltration executed during package install/develop. It harvests host identifiers, filesystem context, platform details and CI/runtime environment variables, and posts them in plaintext to a hardcoded, suspicious remote endpoint. Behavior is stealthy (silent exception handling, no opt-out) and consistent with a supply-chain reconnaissance/backdoor. Treat the package as malicious: do not install, remove if present, and investigate any systems where it ran.

github.com/weaveworks/weave

v1.5.2-0.20160525110520-ede00047db73

Live on go

Blocked by Socket

This module is a high-risk runtime packer/dropper: it embeds an encrypted payload, decrypts it using a user-supplied passphrase, writes the result to `bin/do-setup-circleci-secrets`, and immediately executes it. Because there is no integrity/authenticity validation of the decrypted artifact and the executed code is not shown here, the module should be treated as potentially malicious until the decrypted `bin/do-setup-circleci-secrets` content is inspected and validated in a safe environment.

routerxpl

0.9.0

Live on pypi

Blocked by Socket

This code fragment is an offensive exploitation module that performs unauthenticated command injection/RCE against a specific router/access point by injecting shell commands through an HTTP POST parameter, writing output to a web-accessible file, reading it back over HTTP, and cleaning up afterward. It also supports an interactive command loop after a successful vulnerability check. Despite apparent truncation/syntax issues in the snippet, the malicious intent and data flow (attacker command -> command injection -> output retrieval) are unambiguous.

hosthome-cli

1.4.2

Live on pypi

Blocked by Socket

This module exhibits high-risk supply-chain and credential-exfiltration characteristics. It fetches a remote configuration at import time (allowing an external repository to control runtime endpoints) and transmits user credentials embedded in URL query parameters to the configured server. The behavior is consistent with credential harvesting. Additionally, there is a coding bug that returns an undefined variable, causing a crash after credentials are sent. Recommended actions: do not use this code as-is; remove import-time remote fetches, validate and pin configuration, send credentials in request body over HTTPS, add server hostname allowlist and signature verification for configs, and fix the return variable bug. Treat the package as untrusted until remediated.

pocs

1.2

Live on pypi

Blocked by Socket

This code is an exploit proof-of-concept for phpMyAdmin: it logs in with hard-coded credentials, abuses import and find-and-replace endpoints to inject a payload (defaulting to system('uname -a');) and returns command output. As provided the snippet contains syntax/logic errors and will not execute without fixes, but its intent is clearly malicious/offensive. Inclusion of this code in a dependency is high risk. Use against systems without authorization is malicious and dangerous.

imagecomponents.win32.imaging

3.5.0.4

by Image Components

Live on nuget

Blocked by Socket

High risk: the code is intentionally obfuscated and implements runtime decryption/unpacking, native memory allocation/writing, and dynamic code creation/execution. These are strong indicators of an in-memory loader/packer which can execute arbitrary payloads at runtime. Treat as suspicious: require provenance verification, source-of-truth build artifacts, and deny use in sensitive environments until the decrypted payload and intent are validated.

tx.sharpzip

1.0.1

by TianTeng

Live on nuget

Blocked by Socket

Overall, this code fragment is not a benign SharpZip wrapper. It implements an in-memory payload loader with anti-tamper protections, dynamic native interop, and runtime code execution potential. Linux /proc/self/mem access, kernel32/libclrjit interop, and extensive obfuscation strongly indicate a dropper/loader capability that could be leveraged for in-process code execution or persistence. Given these signals, treat this as a high-risk supply-chain artifact requiring thorough white-box analysis, binary-level validation, and containment before any deployment. Recommended actions include removing or isolating this component from public packages until a verifiable, non-malicious refactor is provided and validated.

mcli-framework

8.0.15

Live on pypi

Blocked by Socket

The fragment demonstrates strong indicators of supply-chain and runtime security risks: it fetches and executes remote Python code, then uses the loaded module to perform sensitive cloud credential operations while persisting credentials locally. This creates a large attack surface for code injection and credential compromise. To reach acceptable security, remove dynamic remote code execution, enforce code integrity (signatures or pinning), avoid plaintext local credential storage, and introduce strict least-privilege controls and sandboxing for any necessary remote interactions.

node-ainzfb-new

1.5.6

by rajub078

Live on npm

Blocked by Socket

This file contains heavily obfuscated malicious code designed for credential harvesting and data exfiltration from Facebook. The code exports functions that steal Facebook authentication tokens and cookies from environment variables (process.env.eFB and process.env.cookie), then uses these stolen credentials to make unauthorized requests to Facebook's legitimate Graph API endpoints. The malware employs complex string obfuscation and function name mangling to hide its true purpose - it reconstructs URLs like graph.facebook.com and business.facebook.com through convoluted string operations. When executed, it impersonates the victim by sending their stolen tokens as authentication headers to Facebook's APIs, harvests extensive personal profile data (including names, birthdays, locations, relationships, friend counts, and more), then returns both the stolen credentials and harvested personal data to the attacker. The deliberate obfuscation using randomized function names (KanzuWakazaki variants), indirect string construction, and anti-analysis techniques indicates clear malicious intent to evade detection while performing credential theft and unauthorized data collection.

external-nuker

1.0.6

by slayerm7

Live on npm

Blocked by Socket

This code is explicitly malicious/abusive: a Discord 'nuker' that automates deletion of roles and channels, mass-banning of members, and mass-creation/spamming of resources using a stored bot token. It should not be used in any legitimate project. Installing or running this code with a bot token will enable destructive actions against Discord servers. Treat this package as high-risk and avoid execution; remove any bot tokens that may have been exposed and rotate credentials if needed.

nethouse-ui

2.9843.1

Removed from npm

Blocked by Socket

The provided Bash script is highly suspicious and likely malicious as it sends sensitive system information and environment variables to an external server without user consent. This behavior poses a significant security risk.

Live on npm for 7 minutes before removal. Socket users were protected even while the package was live.

pinokiod

0.0.451

by cocktailpeanut

Live on npm

Blocked by Socket

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

bapy

0.2.228

Live on pypi

Blocked by Socket

The script covertly ensures a background SSH local port-forward to a hard-coded external host as root, clearing any existing ssh on the same local port first. This pattern is consistent with establishing a covert access or exfiltration channel (notably to a MongoDB-like service on port 27017). It is high-risk: investigate origins of the script, the remote IP, root SSH keys and authorized_keys, and any processes or tools that use local:9999. If unexpected, remove and rotate credentials/keys and perform host compromise analysis.

cky-cli-v2

1.0.3

by r48n34

Removed from npm

Blocked by Socket

This module contains multiple critical security issues: (1) Direct eval of user-supplied code in reciveCode — immediate and severe RCE allowing reverse shells and full server compromise. (2) Unvalidated filesystem reads in reciveFiles — allows arbitrary file disclosure (e.g., .env). (3) Potential SQL injection and information leakage in login depending on UsersService and the fact it returns full user records (likely including password hashes). The file reads and eval examples in comments reinforce exploitability. Treat this code as dangerous; remove eval usage, restrict and validate file access (use allowlists and restrict to a safe directory), ensure UsersService uses parameterized queries, and never return sensitive fields in API responses.

Live on npm for 3 hours and 52 minutes before removal. Socket users were protected even while the package was live.

onnxruntime-winml

1.0.0

Removed from pypi

Blocked by Socket

This fragment performs an immediate, unsolicited network beacon to a hardcoded external server on import/execution. While the payload here is only a static 'HelloBeacon' string and there is no direct evidence of data theft or destructive actions, the pattern (import-time network call, hardcoded endpoint, browser-like User-Agent, unused imports) is a supply-chain red flag. Treat the package as suspicious: do not allow this code to run in sensitive environments until the repository owner and intent are validated, the endpoint provenance is confirmed, and network calls are made opt-in or removed. Audit the full package for any code that reads local secrets, encodes data, or performs additional outbound connections.

Live on pypi for 4 hours and 51 minutes before removal. Socket users were protected even while the package was live.


nethouse-ui

2.9843.1

Removed from npm

Blocked by Socket

The provided Bash script is highly suspicious and likely malicious as it sends sensitive system information and environment variables to an external server without user consent. This behavior poses a significant security risk.

Live on npm for 7 minutes before removal. Socket users were protected even while the package was live.

pinokiod

0.0.451

by cocktailpeanut

Live on npm

Blocked by Socket

The SweetAlert2 library code is mostly benign and serves as a UI modal dialog tool. However, it contains a suspicious and potentially malicious snippet that targets Russian users on certain domains to play an unsolicited audio prank, disabling pointer events and potentially disrupting user interaction. This behavior is unexpected and should be considered a moderate security risk and potential malware. The rest of the code shows no signs of malicious intent. The provided reports were invalid and unhelpful. Users should be cautious about this version of the library due to the embedded prank behavior.

bapy

0.2.228

Live on pypi

Blocked by Socket

The script covertly ensures a background SSH local port-forward to a hard-coded external host as root, clearing any existing ssh on the same local port first. This pattern is consistent with establishing a covert access or exfiltration channel (notably to a MongoDB-like service on port 27017). It is high-risk: investigate origins of the script, the remote IP, root SSH keys and authorized_keys, and any processes or tools that use local:9999. If unexpected, remove and rotate credentials/keys and perform host compromise analysis.

cky-cli-v2

1.0.3

by r48n34

Removed from npm

Blocked by Socket

This module contains multiple critical security issues: (1) Direct eval of user-supplied code in reciveCode — immediate and severe RCE allowing reverse shells and full server compromise. (2) Unvalidated filesystem reads in reciveFiles — allows arbitrary file disclosure (e.g., .env). (3) Potential SQL injection and information leakage in login depending on UsersService and the fact it returns full user records (likely including password hashes). The file reads and eval examples in comments reinforce exploitability. Treat this code as dangerous; remove eval usage, restrict and validate file access (use allowlists and restrict to a safe directory), ensure UsersService uses parameterized queries, and never return sensitive fields in API responses.

Live on npm for 3 hours and 52 minutes before removal. Socket users were protected even while the package was live.

onnxruntime-winml

1.0.0

Removed from pypi

Blocked by Socket

This fragment performs an immediate, unsolicited network beacon to a hardcoded external server on import/execution. While the payload here is only a static 'HelloBeacon' string and there is no direct evidence of data theft or destructive actions, the pattern (import-time network call, hardcoded endpoint, browser-like User-Agent, unused imports) is a supply-chain red flag. Treat the package as suspicious: do not allow this code to run in sensitive environments until the repository owner and intent are validated, the endpoint provenance is confirmed, and network calls are made opt-in or removed. Audit the full package for any code that reads local secrets, encodes data, or performs additional outbound connections.

Live on pypi for 4 hours and 51 minutes before removal. Socket users were protected even while the package was live.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

RUST: crates.io (Rust Package Manager)
PHP: Packagist (PHP Package Manager)
GOLANG: Go Modules (Go Dependency Management)
JAVA: Maven Central
JAVASCRIPT: npm (Node Package Manager)
.NET: NuGet (.NET Package Manager)
PYTHON: PyPI (Python Package Index)
RUBY: RubyGems.org (Ruby Package Manager)
SWIFT: Swift
AI: Hugging Face Hub (AI Model Hub)
CI: GitHub Actions (CI/CD Workflows)
EXTENSIONS: Chrome Web Store (Chrome Browser Extensions)
EXTENSIONS: Open VSX (VS Code Extensions)

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.

Ready to dive in?

Get protected by Socket with just 2 clicks.
