registry  /  chai-as-balanced  /  2.2.3

chai-as-balanced@2.2.3

This document describes the management of vulnerabilities for the project and all modules within the organization.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Runtime package use launches or imports a remote payload loader. The loader retrieves JavaScript from jsonstorage and executes it with access to CommonJS `require`.

Static reason
One or more suspicious static signals were detected.; source fingerprint signature matched known malicious package; routed for review
Trigger
Calling the exported middleware from index.js, or importing lib/transport.js.
Impact
Arbitrary remote code execution in the consumer environment under the package user's privileges.
Mechanism
detached child process plus remote code fetch and Function execution
Attack narrative
A consumer imports chai-as-balanced and calls the exported middleware. index.js starts a detached Node process running lib/caller.js. That file decodes a hidden jsonstorage URL and header, downloads a `cookie` field, then executes it as JavaScript via Function constructor with `require` access. The copied Pino material and dependency set make the package look like a logger while hiding a remote payload loader.
Rationale
Direct source inspection confirms remote payload execution from an obfuscated endpoint on runtime activation, which is concrete malicious behavior. Lack of install hooks limits trigger timing but does not reduce the arbitrary code execution impact.
Evidence
package.jsonindex.jslib/caller.jslib/transport.jsREADME.md
Network endpoints1
api.jsonstorage.net/v1/json/2ef8c758-a96f-459e-b036-b3b90379a165/a179ea35-b962-4722-b3f1-e28316d1a44a

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • package.json main is index.js and declares axios/request/sqlite3 despite plugin-style README mismatch.
  • index.js exports middleware that spawns detached `node ./lib/caller.js` when invoked.
  • lib/caller.js decodes an obfuscated jsonstorage URL and secret header values.
  • lib/caller.js fetches `.data.cookie` from the remote endpoint and executes it with `new Function.constructor("require", s)`.
  • lib/transport.js also requires `./caller`, causing the same file to run on that import path.
  • Package appears to contain copied Pino docs/code while published as chai-as-balanced.
Evidence against
  • No npm preinstall/install/postinstall lifecycle scripts in package.json.
  • No source inspection evidence of local file writes or explicit credential harvesting before the remote payload executes.
Behavioral surface
Source
ChildProcessEnvironmentVarsNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 17 file(s), 52.6 KB of source, external domains: github.com

Source & flagged code

3 flagged · loading source
lib/caller.jsView file
2L3: const axios = require("axios"); L4: const process = { ... L12: (async function loadCallers(..._args) { L13: const src = atob(process.env.DEV_API_KEY); L14: const k = atob(process.env.DEV_SECRET_KEY);
High
Base64 Obscured Url

Source decodes a Base64-obscured HTTP endpoint at runtime.

lib/caller.jsView on unpkg · L2
index.jsView file
matchType = malicious_source_fingerprint_signature signature = 306e52008bef5331 signatureType = suspicious_hashes sourceLabel = OpenSSF malicious-packages matchedPackage = chai-as-synced@6.0.3 matchedPath = index.js matchedIdentity = npm:Y2hhaS1hcy1zeW5jZWQ:6.0.3 similarity = 1.000 shingleOverlap = 12 summary = Malicious code in chai-as-synced (npm)
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

index.jsView on unpkg
docs/transports.mdView file
550patternName = generic_password severity = medium line = 550 matchedText = password...rd',
Medium
Secret Pattern

Hardcoded password in docs/transports.md

docs/transports.mdView on unpkg · L550

Findings

3 High3 Medium3 Low
HighEval
HighBase64 Obscured Urllib/caller.js
HighKnown Malware Source Fingerprint Signatureindex.js
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndocs/transports.md
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings