
Bin script shell injection

Severity

High

Description

This package re-exports a well-known shell command via an npm bin script. This is possibly a supply chain attack.

Suggestion

Packages should not export bin scripts which conflict with well-known shell commands.
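
One way to check a package manifest for the condition this alert describes, as an added example (not Socket's detection code). The command list, function names and sample manifests are constructed for illustration.

```javascript
// Constructed, non-exhaustive sample of well-known shell commands (an assumption,
// not Socket's list). Extend it to match the platforms you build and deploy on.
const WELL_KNOWN_COMMANDS = new Set([
  'sh', 'bash', 'ls', 'cd', 'cat', 'rm', 'cp', 'mv', 'chmod', 'sudo',
  'ssh', 'curl', 'wget', 'tar', 'grep', 'git', 'node', 'npm',
]);

// Return the command names a package.json "bin" field would install.
// npm accepts two forms: an object { command: file } or a single string, in
// which case the command is the package name with any @scope/ prefix removed.
function binCommandNames(manifest) {
  const bin = manifest && manifest.bin;
  if (typeof bin === 'string') {
    const name = String(manifest.name || '');
    const unscoped = name.startsWith('@') ? name.split('/')[1] || '' : name;
    return unscoped ? [unscoped] : [];
  }
  if (bin && typeof bin === 'object' && !Array.isArray(bin)) return Object.keys(bin);
  return [];
}

// npm links these names into node_modules/.bin (or the global bin directory),
// which is on PATH for npm scripts, so a match can shadow the real command.
// Comparison is lower-cased because some filesystems are case-insensitive.
function findShadowedCommands(manifest) {
  return binCommandNames(manifest)
    .filter((cmd) => WELL_KNOWN_COMMANDS.has(cmd.trim().toLowerCase()));
}

// Audit several manifests; returns one finding per offending package.
function auditManifests(manifests) {
  return manifests
    .map((m) => ({ name: m.name, shadowed: findShadowedCommands(m) }))
    .filter((finding) => finding.shadowed.length > 0);
}

// Constructed sample manifests (hypothetical package names).
const SAMPLE_MANIFESTS = [
  { name: 'constructed-utils', bin: { ls: './cli.js', 'constructed-tool': './tool.js' } },
  { name: '@constructed/curl', bin: './index.js' },
  { name: 'constructed-harmless', bin: { 'harmless-cli': './cli.js' } },
  { name: 'constructed-library' },
];

for (const f of auditManifests(SAMPLE_MANIFESTS)) {
  console.log(`${f.name}: bin script shadows ${f.shadowed.join(', ')}`);
}
```

Running the same check over every `package.json` under `node_modules` before a dependency update is merged surfaces the conflict at review time.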
