
Quickly evaluate the security and health of any open source package.
@neoxr/wb
6.0.0-rc.44
by neoxr
Live on npm
Blocked by Socket
This module shows strong supply-chain-malware-like characteristics: heavy obfuscation, self-deobfuscation/array rotation, and immediate eval-equivalent execution of a reconstructed code string. The payload is granted direct access to `window` and the ability to overwrite `exports`, enabling stealthy browser/global behavior and module-level hijacking. Concrete malicious actions (e.g., network exfiltration) are not observable in the snippet because the executed payload body is reconstructed dynamically and appears truncated; nonetheless, the risk warrants immediate sandbox analysis and provenance verification before use.
frank-newton3-db-final
1.0.7
by cketol
Live on npm
Blocked by Socket
This install script is performing active credential validation and exfiltration. It collects secrets and environment metadata and sends them to an external webhook over HTTPS. This behavior constitutes malicious data exfiltration and is a high-severity supply chain risk. Do not run this package; inspect and remove any compromised credentials and rotate tokens/keys that may have been exposed.
shell-proxy-server
1.0.0
Live on pypi
Blocked by Socket
This code implements an authenticated remote command execution web endpoint. It executes arbitrary attacker-supplied shell commands (subprocess.run with shell=True) and returns stdout/stderr to the requester, enabling straightforward system compromise and data/signal exfiltration. The presence of hardcoded default credentials and debug mode further increases exploitability and deployment risk. This is not suitable as a safe dependency.
@standoutwork/claudeconnect
0.4.0
by aaftall
Live on npm
Blocked by Socket
This code is strongly indicative of unauthorized session harvesting: it clones a local Chrome profile’s cookie databases into a temporary user-data directory, launches Chromium with that cloned session, reads the 'auth_token' cookie for x.com/twitter.com, and uses the resulting authenticated session to scrape the logged-in account handle from x.com/home. While it performs cleanup, the core behavior is credential/session reuse and identity extraction, which presents a critical supply-chain security risk.
@shotstack/shotstack-studio
2.7.0
by GitHub Actions
Live on npm
Blocked by Socket
The fragment is predominantly media-editor logic, but it contains a high-severity supply-chain remote code execution primitive. Specifically, the woff2 decompressor is loaded at runtime by fetching JavaScript from a public CDN and executing it via new Function(...). This bypasses npm-style integrity controls and would allow arbitrary script execution if the fetched resource is altered or compromised. Additional concerns include untrusted URL usage for media/font network access (privacy/egress) and merge-field/alias-driven configuration propagation, but these are secondary to the direct execution sink.
bingocode
1.0.31
by leanchy
Live on npm
Blocked by Socket
High-risk behavior: this module provides an external interface to capture screenshots (base64-encoded), read/write the clipboard, enumerate apps/windows, simulate mouse/keyboard input (including AppleScript keystrokes via subprocess), and launch apps. Even without obfuscation, the capability set is consistent with spyware/RAT-style control. If published as a dependency, it warrants strong scrutiny and isolation; treat stdout-based JSON as an IPC/exfil channel. Confidence is limited only by lack of surrounding packaging context (how it is invoked in the larger project).
@neoxr/wb
6.0.0-rc.44
by neoxr
Live on npm
Blocked by Socket
This module fragment strongly matches a staged obfuscated loader: it decodes/constructs hidden code at runtime and executes it via `Function(...)`, while explicitly granting the payload access to `require`, `window`, and the ability to read/overwrite `exports`. Even though the actual malicious actions are not observable in the truncated snippet, the structural indicators (dynamic evaluation + environment capability exposure + export tampering potential) warrant treating the dependency as untrusted and performing deeper deobfuscation/emulation to reveal the executed payload behavior.
@shotstack/shotstack-studio
2.7.1
by dazer
Live on npm
Blocked by Socket
Critical supply-chain/security risk: FontLoadParser.loadWoff2Decompressor() fetches a JavaScript decompressor binding from a public CDN at runtime and executes it using new Function(...). This is effectively remote code execution in the browser and should be treated as a high-severity supply-chain vulnerability. Additional medium risks exist from loading attacker-controlled URLs for fonts/media, but the dynamic CDN execution is the primary concern.
nkit-agents
0.3.2
Live on pypi
Blocked by Socket
This module provides two direct arbitrary code execution pathways (in-process exec and out-of-process subprocess execution of attacker-written Python code) and further registers attacker-defined functions into a ToolRegistry, creating a persistent execution capability within the running application. It lacks sandboxing, validation, and authorization checks. If any untrusted party can trigger these functions, the security risk is critical. Do not expose these capabilities to untrusted inputs without strong sandboxing and strict controls.
@oceanum/oceanum-io-nav
2.4.0
by ondave
Live on npm
Blocked by Socket
The module primarily implements standard OAuth/OIDC SPA authentication with DPoP and client-side caching. However, it contains a critical supply-chain anomaly: a hardcoded base64-encoded JavaScript payload is decoded at runtime and executed as a Web Worker via Blob + object URL. This introduces an obfuscated, dynamically executed component into a security-sensitive auth library and could enable covert manipulation or exfiltration of tokens/DPoP artifacts. Treat the package as unsafe until the worker payload is decoded, reviewed, and behaviorally tested in isolation (network/storage/message capabilities).
shell-proxy-server
1.0.1
Live on pypi
Blocked by Socket
This code implements an authenticated remote command execution web endpoint. It executes arbitrary attacker-supplied shell commands (subprocess.run with shell=True) and returns stdout/stderr to the requester, enabling straightforward system compromise and data/signal exfiltration. The presence of hardcoded default credentials and debug mode further increases exploitability and deployment risk. This is not suitable as a safe dependency.
apple-infra-stealth-audit
1.3.6
by cketol
Live on npm
Blocked by Socket
This module is strongly malicious: it performs credential harvesting (environment and ~/.npmrc), persists the harvested npm token into a local `.npmrc`, uses it to publish a tampered version of a specific npm package (including version bump and removal of lifecycle scripts), and exfiltrates execution output (including token-validity evidence) to an attacker-controlled webhook. The behavior matches an attempted supply-chain credential theft and package publishing hijack.
tabris
3.11.0-dev.20260429
by tabrisjs
Live on npm
Blocked by Socket
This module contains a high-impact remote code execution capability: script elements inserted with an external `src` are loaded and executed via `tabris._client.loadAndExecute(t.src, ...)`. Additionally, it tampers with global messaging/close APIs and forwards internal logs across the native messaging boundary. While much of the remainder appears to be legitimate runtime plumbing, the presence of an external-URL-to-execution sink makes the supply-chain/security risk elevated and warrants investigation of `tabris._client.loadAndExecute` and any URL/origin validation/allowlisting performed there.
@neoxr/wb
6.0.0-rc.44
by neoxr
Live on npm
Blocked by Socket
This fragment is a high-risk obfuscated loader stub that reconstructs executable code at runtime using `Function(...)` and equips that payload with direct access to `window`, `require`, `module`, and mutable `exports`. While the exact malicious actions are not visible due to truncation, the structure strongly matches a stealthy loader/backdoor pattern and warrants containment and full deobfuscation of the complete file before trust.
nkit-agents
0.3.3
Live on pypi
Blocked by Socket
This module provides two direct arbitrary code execution pathways (in-process exec and out-of-process subprocess execution of attacker-written Python code) and further registers attacker-defined functions into a ToolRegistry, creating a persistent execution capability within the running application. It lacks sandboxing, validation, and authorization checks. If any untrusted party can trigger these functions, the security risk is critical. Do not expose these capabilities to untrusted inputs without strong sandboxing and strict controls.
nkit-agents
0.3.1
Live on pypi
Blocked by Socket
This module provides two direct arbitrary code execution pathways (in-process exec and out-of-process subprocess execution of attacker-written Python code) and further registers attacker-defined functions into a ToolRegistry, creating a persistent execution capability within the running application. It lacks sandboxing, validation, and authorization checks. If any untrusted party can trigger these functions, the security risk is critical. Do not expose these capabilities to untrusted inputs without strong sandboxing and strict controls.
@neoxr/wb
6.0.0-rc.44
by neoxr
Live on npm
Blocked by Socket
This fragment is strongly consistent with a supply-chain loader/packer rather than a transparent dependency: it self-decodes via a rotated string table, bridges browser and CommonJS globals (window/exports/require), dynamically assembles/executes a large async routine, and includes strings indicative of XMLHttpRequest-capable network activity. Exact malicious intent (e.g., specific exfiltration targets or stolen data) cannot be proven from this excerpt alone, but the behavior profile is high-risk and should be deobfuscated and executed in a sandbox with network/exports instrumentation before use.
wileys
0.5.8
by nivei
Live on npm
Blocked by Socket
`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.
@neoxr/wb
6.0.0-rc.44
by neoxr
Live on npm
Blocked by Socket
This fragment is best characterized as a highly suspicious obfuscated loader/stager rather than benign dependency code. It performs runtime string/value decoding, executes a dynamically constructed function via the `Function` constructor, and explicitly gains access to `window` and CommonJS primitives (`require`, `module`, `exports`) through injected getters/setters. While the excerpt does not show concrete exfiltration or file/network operations, the loader pattern and capability surface strongly indicate malicious intent or, at minimum, a code-execution mechanism that should not be trusted without deobfuscation and sandboxed behavioral analysis.
gh555.export-docx
16.2.2
by kkn1n
Live on openvsx
Blocked by Socket
Security risk is high. This module automates media downloading, but it also performs explicit browser cookie harvesting (document.cookie and CDP Network.getCookies) and then reuses the captured cookies/referrer/origin as HTTP/yt-dlp request headers for remote downloads. Additionally, it spawns external binaries (yt-dlp/ffmpeg/PowerShell/Chromium) and manages a local Python broker with auto-install behavior, significantly increasing execution and supply-chain attack surface. This combination is strongly privacy-invasive and plausibly credential/session misuse rather than benign media exporting.
apple-infra-final-escape
1.7.0
by raya4321
Live on npm
Blocked by Socket
This module is strongly malicious: it performs credential harvesting (environment and ~/.npmrc), persists the harvested npm token into a local `.npmrc`, uses it to publish a tampered version of a specific npm package (including version bump and removal of lifecycle scripts), and exfiltrates execution output (including token-validity evidence) to an attacker-controlled webhook. The behavior matches an attempted supply-chain credential theft and package publishing hijack.
gh555.export-doc
16.2.2
by kkn1n
Live on openvsx
Blocked by Socket
This extension fragment contains a high-risk credential theft workflow: it uses Chrome DevTools Protocol to extract media URLs and explicitly captures document.cookie (and can fetch cookies via Network.getCookies). Those cookies are then reused as HTTP headers (Cookie/Referer/Origin) for subsequent downloads via yt-dlp/HTTP. This is a strong indicator of malicious privacy invasion/data theft rather than benign media downloading. Additionally, it spawns external binaries (yt-dlp, ffmpeg/ffprobe, Python broker, Chromium) and can auto-install/auto-manage them, increasing supply-chain/behavior risk.
@atls/code-runtime
2.1.26
by torinasakura
Live on npm
Blocked by Socket
This fragment is a base64-backed file-dropper that writes an attacker-controlled directory tree to a caller-provided destination. The embedded decoded content strongly resembles CI/CD workflow and shell automation that performs secret-based registry authentication and downloads/extracts/installs artifacts—behavior commonly used in supply-chain attacks to achieve persistence and propagation via CI execution. Even though the module itself does not run commands, it substantially increases risk because it stages dangerous automation/config files for later execution.
bingocode
1.0.36
by leanchy
Live on npm
Blocked by Socket
This module is a high-capability Windows automation/remote-control component combining screen capture (returned as base64 via stdout), clipboard read/write/paste injection, comprehensive mouse/keyboard control, and window/process/app reconnaissance, plus an app-launch pathway with a high-risk subprocess fallback using shell=True. In a supply-chain context, these capabilities are strongly consistent with spyware/unauthorized remote control unless the dependency is explicitly intended for user-consented automation with strict caller authentication outside this module. Treat as high security risk for sensitive environments.
@neoxr/wb
6.0.0-rc.44
by neoxr
Live on npm
Blocked by Socket
High-confidence identification of an obfuscated packer/loader. It uses anti-analysis string-table rotation plus dynamic Function(...) execution and injects browser/Node globals (window/require/module/exports) into the execution context. While the provided fragment does not show concrete exfiltration or persistence primitives directly, the loader pattern is commonly used to hide malicious behavior; the decoded payload must be inspected in a sandbox to confirm intent.
Socket detects traditional vulnerabilities (CVEs) but goes beyond that to scan the actual code of dependencies for malicious behavior. It proactively detects and blocks 70+ signals of supply chain risk in open source code, for comprehensive protection.
Possible typosquat attack
Known malware
Git dependency
GitHub dependency
HTTP dependency
Obfuscated code
Suspicious Stars on GitHub
Telemetry
Protestware or potentially unwanted behavior
Unstable ownership
Critical CVE
High CVE
Medium CVE
Low CVE
Unpopular package
Minified code
Bad dependency semver
Wildcard dependency
Socket optimized override available
Deprecated
Unmaintained
Explicitly Unlicensed Item
License Policy Violation
Misc. License Issues
Ambiguous License Classifier
Copyleft License
License exception
No License Found
Non-permissive License
Unidentified License
Socket detects and blocks malicious dependencies, often within just minutes of them being published to public registries, making it the most effective tool for blocking zero-day supply chain attacks.
Socket is built by a team of prolific open source maintainers whose software is downloaded over 1 billion times per month. We understand how to build tools that developers love. But don’t take our word for it.

Nat Friedman
CEO at GitHub

Suz Hinton
Senior Software Engineer at Stripe
heck yes this is awesome!!! Congrats team 🎉👏

Matteo Collina
Node.js maintainer, Fastify lead maintainer
So awesome to see @SocketSecurity launch with a fresh approach! Excited to have supported the team from the early days.

DC Posch
Director of Technology at AppFolio, CTO at Dynasty
This is going to be super important, especially for crypto projects where a compromised dependency results in stolen user assets.

Luis Naranjo
Software Engineer at Microsoft
If software supply chain attacks through npm don't scare the shit out of you, you're not paying close enough attention.
@SocketSecurity sounds like an awesome product. I'll be using socket.dev instead of npmjs.org to browse npm packages going forward

Elena Nadolinski
Founder and CEO at Iron Fish
Huge congrats to @SocketSecurity! 🙌
Literally the only product that proactively detects signs of JS compromised packages.

Joe Previte
Engineering Team Lead at Coder
Congrats to @feross and the @SocketSecurity team on their seed funding! 🚀 It's been a big help for us at @CoderHQ and we appreciate what y'all are doing!

Josh Goldberg
Staff Developer at Codecademy
This is such a great idea & looks fantastic, congrats & good luck @feross + team!
The best security teams in the world use Socket to get visibility into supply chain risk, and to build a security feedback loop into the development process.

Scott Roberts
CISO at UiPath
As a happy Socket customer, I've been impressed with how quickly they are adding value to the product, this move is a great step!

Yan Zhu
Head of Security at Brave, DEFCON, EFF, W3C
glad to hear some of the smartest people i know are working on (npm, etc.) supply chain security finally :). @SocketSecurity

Andrew Peterson
CEO and Co-Founder at Signal Sciences (acq. Fastly)
How do you track the validity of open source software libraries as they get updated? You're prob not. Check out @SocketSecurity and the updated tooling they launched.
Supply chain is a cluster in security as we all know and the tools from Socket are "duh" type tools to be implementing. Check them out and follow Feross Aboukhadijeh to see more updates coming from them in the future.

Zbyszek Tenerowicz
Senior Security Engineer at ConsenSys
socket.dev is getting more appealing by the hour

Devdatta Akhawe
Head of Security at Figma
The @SocketSecurity team is on fire! Amazing progress and I am excited to see where they go next.

Sebastian Bensusan
Engineer Manager at Stripe
I find it surprising that we don't have _more_ supply chain attacks in software:
Imagine your airplane (the code running) was assembled (deployed) daily, with parts (dependencies) from internet strangers. How long until you get a bad part?
Excited for Socket to prevent this

Adam Baldwin
VP of Security at npm, Red Team at Auth0/Okta
Congrats to everyone at @SocketSecurity ❤️🤘🏻

Nico Waisman
CISO at Lyft
This is an area that I have personally been very focused on. As Nat Friedman said in the 2019 GitHub Universe keynote, Open Source won, and every time you add a new open source project you rely on someone else's code and you rely on the people that build it.
This is both exciting and problematic. You are bringing real risk into your organization, and I'm excited to see progress in the industry from OpenSSF scorecards and package analyzers to the company that Feross Aboukhadijeh is building!
Secure your team's dependencies across your stack with Socket. Stop supply chain attacks before they reach production.
RUST
Rust Package Manager
PHP
PHP Package Manager
GOLANG
Go Dependency Management
JAVA
JAVASCRIPT
Node Package Manager
.NET
.NET Package Manager
PYTHON
Python Package Index
RUBY
Ruby Package Manager
SWIFT
AI
AI Model Hub
CI
CI/CD Workflows
EXTENSIONS
Chrome Browser Extensions
EXTENSIONS
VS Code Extensions
Attackers have taken notice of the opportunity to attack organizations through open source dependencies. Supply chain attacks rose a whopping 700% in the past year, with over 15,000 recorded attacks.
Nov 23, 2025
Shai Hulud v2
Shai Hulud v2 campaign: preinstall script (setup_bun.js) and loader (setup_bin.js) that installs/locates Bun and executes an obfuscated bundled malicious script (bun_environment.js) with suppressed output.
Nov 05, 2025
Elves on npm
A surge of auto-generated "elf-stats" npm packages is being published every two minutes from new accounts. These packages contain simple malware variants and are being rapidly removed by npm. At least 420 unique packages have been identified, often described as being generated every two minutes, with some mentioning a capture the flag challenge or test.
Jul 04, 2025
RubyGems Automation-Tool Infostealer
Since at least March 2023, a threat actor using multiple aliases uploaded 60 malicious gems to RubyGems that masquerade as automation tools (Instagram, TikTok, Twitter, Telegram, WordPress, and Naver). The gems display a Korean Glimmer-DSL-LibUI login window, then exfiltrate the entered username/password and the host's MAC address via HTTP POST to threat actor-controlled infrastructure.
Mar 13, 2025
North Korea's Contagious Interview Campaign
Since late 2024, we have tracked hundreds of malicious npm packages and supporting infrastructure tied to North Korea's Contagious Interview operation, with tens of thousands of downloads targeting developers and tech job seekers. The threat actors run a factory-style playbook: recruiter lures and fake coding tests, polished GitHub templates, and typosquatted or deceptive dependencies that install or import into real projects.
Jul 23, 2024
Network Reconnaissance Campaign
A malicious npm supply chain attack that leveraged 60 packages across three disposable npm accounts to fingerprint developer workstations and CI/CD servers during installation. Each package embedded a compact postinstall script that collected hostnames, internal and external IP addresses, DNS resolvers, usernames, home and working directories, and package metadata, then exfiltrated this data as a JSON blob to a hardcoded Discord webhook.
Get our latest security research, open source insights, and product updates.


Research / Security News
Socket is tracking cloned Open VSX extensions tied to GlassWorm, with several updated from benign-looking sleepers into malware delivery vehicles.

Product
Reachability analysis for PHP is now available in experimental, helping teams identify which vulnerabilities are actually exploitable.