AI Security Review
scanned 2h ago · by lpm-firewall-aiImporting the main entrypoint starts a delayed, hidden persistence dropper. The dropped payload uses remotely controlled activation, scans credential-bearing files, encrypts results, and exfiltrates them.
Decision evidence
public snapshot- `index.js` runs a delayed dropper whenever the package is imported.
- `index.js` decodes `test/fixtures/keypairs.dat` into hidden `syncd.js` under the user's home directory.
- Dropped code harvests wallet, environment, shell-profile, and SSH private-key material.
- Dropped code encrypts findings and posts them to Pinata.
- A mutable Gist/IPFS dead drop gates activation and payload behavior.
- Linux cron, Windows Task Scheduler, and macOS LaunchAgent persistence are installed.
- `package.json` contains no npm lifecycle scripts.
- The documented ABI utilities are benign but do not prevent entrypoint abuse.
Source & flagged code
4 flagged · loading sourceSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
index.jsView on unpkg · L62Source file is highly similar to a previously finalized malicious package; route for source-aware review.
index.jsView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
index.jsView on unpkgSource writes installer persistence such as shell profile or service configuration.
index.jsView on unpkg · L62