Socket

Secure your dependencies. Ship with confidence.

Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.

Questions? Call us at (844) SOCKET-0

Find and compare millions of open source packages

Quickly evaluate the security and health of any open source package.

jquery
timmywil published 4.0.0

left-pad
stevemao published 1.3.0

react
react-bot published 19.2.5

We protect you from vulnerable and malicious packages

@atezer/figma-mcp-bridge

1.5.2

by atezer

Live on npm

Blocked by Socket

High security risk. This fragment exposes a critical arbitrary code execution capability (EXECUTE_CODE -> eval of msg.code) and pairs it with powerful document read/write primitives (screenshot export to base64, document structure serialization, and broad node/variable mutation including destructive actions). If the message source/origin is not strictly authenticated and limited to fully trusted UI code, this module can function as a backdoor-like bridge enabling both integrity compromise and sensitive data disclosure within the plugin/UI channel.

azure-graphrbac

4.1.9

Removed from npm

Blocked by Socket

Possible typosquat of [azure](https://socket.dev/npm/package/azure).

Explanation: The package 'azure-graphrbac' is labeled as a 'security holding package', which often indicates a placeholder to prevent typosquatting. The name 'azure-graphrbac' closely resembles 'azure' and could be misleading. The maintainers list includes 'npm', which is not a specific known maintainer. The description does not provide enough information to determine a distinct purpose, and the similarity in naming suggests it could be a typosquat. azure-graphrbac is a security-holding package.

Live on npm for 18 minutes before removal. Socket users were protected even while the package was live.

ailever

0.2.256

Live on pypi

Blocked by Socket

The code exhibits a dangerous remote code execution pattern: it downloads and immediately runs a remote Python payload without integrity checks, sandboxing, or input validation. This creates a severe supply-chain and runtime security risk. Recommended mitigations include removing dynamic downloads, validating payloads with cryptographic hashes or signatures, using safe subprocess invocations with argument lists, and implementing strict input sanitization. If remote functionality must remain, switch to a trusted-internal mechanism (e.g., plugin architecture with signed components, offline verification) and add robust error handling and logging.

bb-ui-tools

1.2.3

by bb-ui-toolkit

Removed from npm

Blocked by Socket

The use of eval to execute code from an external JSON file poses a significant security risk. If the 'preinstall.json' file is compromised, it could lead to the execution of arbitrary and potentially malicious code. This makes the code highly vulnerable to attacks.

Live on npm for 41 minutes before removal. Socket users were protected even while the package was live.

shein-bbl

0.0.3-beta

by chiaple

Removed from npm

Blocked by Socket

The script attempts to run a PNG file as a shell script, which is not a standard practice and raises significant security concerns. This could potentially lead to malicious behavior if the file is crafted to exploit vulnerabilities.

Live on npm for 18 minutes before removal. Socket users were protected even while the package was live.

socialbrute

1.0.2

Live on pypi

Blocked by Socket

The code is an automated brute-force / credential-stuffing tool targeting Twitter via a browser automation driver. It reads a local password wordlist and programmatically submits login attempts. This constitutes abusive and likely illegal behavior when used against accounts without authorization. The snippet contains a bug (returns undefined 'foun') and lacks error handling or safeguards. Treat this code as malicious/abusive and avoid executing it; it poses a high security risk and should not be included in trusted codebases.

@kcmdhsisl/ddkuryh

0.0.2

by olqorwstvkcafty

Removed from npm

Blocked by Socket

This fragment is a thin wrapper that executes bundled OS-specific preinstall scripts via shell-based child_process primitives with relative paths and no integrity checks. While such behavior can be legitimate for installation steps, it is also a common high-risk pattern for supply-chain compromise because the executed scripts run with the installer/process privileges. The snippet itself contains no explicit data theft/network exfiltration, but it meaningfully enables arbitrary script execution and may leak sensitive output through console logging.

Live on npm for 3 days, 7 hours and 39 minutes before removal. Socket users were protected even while the package was live.

@geminilight/mindos

0.6.34

by geminilight

Live on npm

Blocked by Socket

This module exposes a server-side HTTP endpoint that takes attacker-controlled packageName from request JSON and runs `npm install -g ${packageName}` via child_process.exec. The combination of a remote web trigger, privileged environment modification (global installs), and shell-command execution driven by user input represents a very high supply-chain and operational compromise risk. Error handling may further disclose details to the client. Treat as extremely dangerous and do not use without strong compensating controls (authentication/authorization, removal of exec-based install behavior, and strict hardening).

react-core-form

1.0.18

by yunliang-ding

Removed from npm

Blocked by Socket

The bundle contains significant security concerns. The most critical issue is embedded OSS credentials (accessKeyId and accessKeySecret decoded in Mr()) combined with client-side multipartUpload used by the Upload.customRequest implementation — this enables arbitrary file uploads to a remote bucket using baked-in credentials. In addition, the library intentionally performs dynamic code transformation and execution (Babel + Interpreter) of user-supplied code and injects styles/DOM, which is dangerous if any of those inputs are not strictly trusted. These together form a realistic exfiltration and remote-code-execution attack surface. I recommend not using this package in production until the hardcoded credentials are removed and dynamic-execution features are locked down or restricted to trusted inputs. If this is a third-party dependency unexpectedly included in your project, treat as high-risk and investigate the origin and whether credentials have been compromised.

Live on npm for 2 hours and 50 minutes before removal. Socket users were protected even while the package was live.

mi-permission

1.8.0

by oxbyte

Live on npm

Blocked by Socket

The code exhibits behavior typical of malware, such as collecting and transmitting system information without user consent. The heavy obfuscation further suggests an attempt to conceal its true purpose. This poses a significant security risk.

bane

4.9.8

Live on pypi

Blocked by Socket

This module is a clear offensive network scanner and credential brute-forcing tool. It is built to discover reachable services, try credential lists, persist discovered credentials locally, and (notably) enable automated post-compromise behavior via telnet bot_mode and imported payload modules. Even with some buggy code paths, the intended functionality aligns with malicious botnet/scanning behavior. The imported 'bane' and 'xtelnet' modules implement the dangerous parts and must be treated as high-risk. Do not run this code on production or public networks; remove it and audit any systems where it executed.

teshf

1339.0.0

Live on npm

Blocked by Socket

This install script performs immediate data exfiltration of local environment identifiers (username, path, hostname) to an external host. This is high-risk and likely malicious telemetry/reconnaissance. Installing this package could leak sensitive situational information about the host to an attacker and enable further targeted actions.

n8n-nodes-gg-udhasudsh-hgjkhg-official

0.0.11

Live on npm

Blocked by Socket

The provided code is obfuscated but implements expected functionality for downloading/resizing images and creating assets in Google Ads (images, YouTube videos, text, CTAs). I found no clear malicious behavior such as eval-based code execution, reverse shells, hardcoded credentials, or exfiltration to suspicious domains. The primary security considerations are: (1) the code sends data and caller-supplied credentials to Google Ads API (expected behavior but sensitive), (2) obfuscation makes audit harder and is a supply-chain concern, and (3) untrusted input (URLs) could be used to make the host download arbitrary resources (SSRF/DoS) if callers do not validate inputs. Overall I assess this fragment as non-malicious but sensitive and warranting careful review of calling code and GoogleAdsClient implementation.

internal-test-utils-test

10.0.1

by cybershree3

Live on npm

Blocked by Socket

This install script collects environment and user information from the host and posts it to an external server during installation. That is direct data exfiltration / unauthorized telemetry and poses a high privacy and security risk. It may be used for fingerprinting or as a precursor to further malicious actions. Review and remove such behavior or block network access during install; inspect repository history and publisher trustworthiness.

dex-gateway

1.0.49

by mcarlos37

Live on npm

Blocked by Socket

This module is critically insecure due to a hardcoded Ethereum private key in getWallet(address), which ignores the address parameter and returns a deterministic signing wallet. That behavior strongly indicates a supply-chain backdoor/credential compromise risk, enabling unauthorized transaction signing/approvals. Additional risks include unvalidated remote token list fetching (token/address integrity/SSRF concerns) and unsafe local token list file path concatenation, plus a minor initialization logic bug.

lavavu

1.8.76

Live on pypi

Blocked by Socket

This code implements an unauthenticated HTTP control surface for a viewer object that accepts arbitrary commands from request paths and bodies, dynamically looks up and calls attributes on internal objects, loads JSON from requests and triggers callbacks, and serves local files. These behaviors make it high risk for supply-chain or runtime compromise: untrusted clients can invoke methods and mutate state which could lead to data exfiltration, filesystem access, or other damaging actions depending on the viewer's API. It should not be exposed to untrusted networks or used without strict authentication/authorization and input validation.

devcloudcli

1.2.19

Live on pypi

Blocked by Socket

This script is dangerous: it forcefully removes a specific directory (/home/intel/dlstreamer) using sudo without safeguards or error handling and always prints a success message. It poses a high supply-chain risk (sabotage or accidental data loss) if executed in environments where the target exists or if cd fails and deletion occurs elsewhere. Do not run this script on production systems; require safeguards (checks for existence, confirmations, explicit paths, least-privilege execution, and logging) before any destructive operation.

bluelamp-ai

0.45.2

Live on pypi

Blocked by Socket

This module embeds an opaque compressed payload and executes it at import time via exec(). That behavior prevents static inspection and is a strong supply-chain security red flag. Treat the package as high risk: decode and audit the payload in a secure sandbox before allowing use, and avoid execution in production/CI until verified.

fake-usragent

1.5.9

Removed from pypi

Blocked by Socket

This file contains a high-risk, obfuscated dynamic code execution path: the shuf function reads a resource (load('chrome.jpg')), decompresses and transforms part of it, and executes the resulting string with exec(). That pattern is consistent with a hidden backdoor or supply-chain payload loader. Without the implementation of load() we cannot say for certain whether the payload is attacker-controllable, but the technique is dangerous and should be treated as malicious until proven benign. Recommendation: treat the package as compromised, remove or isolate it, and investigate the source of the chrome.jpg resource and any calls to shuf. The rest of the FakeUserAgent functionality appears benign but is overshadowed by the exec path.

Live on pypi for 17 hours and 12 minutes before removal. Socket users were protected even while the package was live.

spenserblack/actions-set-output

8aadbf9bb366765d63dcdf4b8b8e166bbdf9a70c

Live on actions

Blocked by Socket

The code fragment enables arbitrary shell command execution derived from untrusted input and exposes the command output as action outputs. This constitutes a high-risk pattern that could enable remote code execution on the runner if inputs are tampered with. Recommend removing dynamic shell execution or implementing strict input validation, command whitelisting, or safer parameter handling to mitigate risk.

eazyminer

0.2.6

by dutchkevv

Live on npm

Blocked by Socket

This package is designed to run Monero mining software (xmrig) and to build/run a local CLI/server. The postinstall script triggers an additional npm install in a subfolder, and the build uses npx to execute a package. These behaviors enable execution of additional code from the registry and can cause unwanted/unconsented CPU/GPU usage and persistent binaries on the system. Treat this package as high-risk/malicious for typical application dependencies and avoid installing it on machines you care about. If you must inspect it, review all files under the server/ directory (especially server/package.json, server/install scripts, server/dist/cli.js and any bootstrap or configure scripts) in a safe, isolated environment.

agent-messenger

1.4.0

by GitHub Actions

Live on npm

Blocked by Socket

This module is a credential/token extractor for Microsoft Teams: it reads cookie databases, invokes platform secrets APIs (DPAPI/keychain) and decrypts the Teams 'skypetoken_asm' cookie. The code itself does not exfiltrate over network, but it obtains highly sensitive credentials and provides them to caller code — this is precisely the behavior used in credential-harvesting malware or malicious supply-chain modules. Use of this module in client projects should be treated as high-risk unless its presence is explicitly required and audited. If found in a dependency unexpectedly, consider it malicious or suspicious and remove or further audit the package and its authors.

Detect and block software supply chain attacks

Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.

Possible typosquat attack

Known malware

Git dependency

GitHub dependency

HTTP dependency

Obfuscated code

Suspicious Stars on GitHub

Telemetry

Protestware or potentially unwanted behavior

Unstable ownership

55 more alerts

Detect suspicious package updates in real-time

Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.

Developers love Socket

Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Security teams trust Socket

The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Protect every package in your stack

Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.

RUST: crates.io (Rust Package Manager)
PHP: Packagist (PHP Package Manager)
GOLANG: Go Modules (Go Dependency Management)
JAVA: Maven Central
JAVASCRIPT: npm (Node Package Manager)
.NET: NuGet (.NET Package Manager)
PYTHON: PyPI (Python Package Index)
RUBY: RubyGems.org (Ruby Package Manager)
SWIFT: Swift
AI: Hugging Face Hub (AI Model Hub)
CI: GitHub Actions (CI/CD Workflows)
EXTENSIONS: Chrome Web Store (Chrome Browser Extensions)
EXTENSIONS: Open VSX (VS Code Extensions)

Supply chain attacks are on the rise

Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.

Nov 23, 2025

Shai Hulud v2

Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.

Nov 05, 2025

Elves on npm

A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.

Jul 04, 2025

RubyGems Automation-Tool Infostealer

Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.

Mar 13, 2025

North Korea's Contagious Interview Campaign

Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.

Jul 23, 2024

Network Reconnaissance Campaign

A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.
