
Research
/Security News
npm Package Uses Prompt Injection and Token Flooding to Disrupt AI Malware Scanners
A new npm package tests AI malware scanners with prompt injection, safety-triggering comments, context flooding, and obfuscated JavaScript.
@endo/eslint-plugin
Advanced tools
ESLint customizations for Endo packages.
You'll first need to install ESLint:
npm i eslint --save-dev
Next, install @endo/eslint-plugin:
npm install @endo/eslint-plugin --save-dev
Note: If you installed ESLint globally (using the -g flag) then you must also install @endo/eslint-plugin globally.
Extend a plugin:@endo/CONFIG in your .eslintrc configuration file. You can omit the /eslint-plugin suffix:
{
"extends": [
"plugin:@endo/recommended"
]
}
CONFIG can be one of:
recommended rules for code compatible with Hardened JSimports opinions on how packages should use importsstyle opinions on JS coding stylestrict all of the aboveinternal rules only for packages within the Endo source repositoryYou can configure individual rules you want to use under the rules section.
{
"rules": {
"@endo/rule-name": 2
}
}
FAQs
ESLint plugin for using Endo
We found that @endo/eslint-plugin demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A new npm package tests AI malware scanners with prompt injection, safety-triggering comments, context flooding, and obfuscated JavaScript.

Product
Socket now detects supply chain risks in project manifests, starting with missing lockfiles that can make dependency installs non-reproducible.

Research
/Security News
The trojanized extensions use TinyGo-compiled WebAssembly and Solana transaction memos to resolve command-and-control infrastructure.