registry  /  chai-as-modified  /  6.0.4

chai-as-modified@6.0.4

OSV Malicious Advisory

scanned 4h ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-10043 confirms this npm version as malicious. Package name is a 1-2 character variant of the widely-used `chai-as-promised` plugin. The exported function — the entry point users pass to `chai.use(...)` per the copied pino README — invokes a `runBackgroundTask` helper that spawns a detached `node` subprocess (`detached: true`, `stdio: 'ignore'`, `child.unref()`) running a sibling `./lib/initializeCaller.js`, then returns a no-op pass-through middleware...

Advisory
MAL-2026-10043
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in chai-as-modified (npm)
Details
Package name is a 1-2 character variant of the widely-used `chai-as-promised` plugin. The exported function — the entry point users pass to `chai.use(...)` per the copied pino README — invokes a `runBackgroundTask` helper that spawns a detached `node` subprocess (`detached: true`, `stdio: 'ignore'`, `child.unref()`) running a sibling `./lib/initializeCaller.js`, then returns a no-op pass-through middleware. The detached, unref'd child is decoupled from the parent test runner and outlives it — an out-of-band execution channel that has no relationship to the advertised purpose of a chai assertion plugin. The `lib/` directory ships a verbatim copy of unrelated pino source as decoy content, and the README is copied from pinojs/pino. In this specific tarball the referenced `./lib/initializeCaller.js` file is not present, so the fork currently errors out, but the launcher stub, name-confusion vector, decoy content, and covert-execution mechanism are all in place; the missing payload is consistent with a staged release or intended delivery via a sibling/subsequent publish.
Decision reason
No blocking static signals were detected.; source fingerprint signature matched known malicious package; routed for review

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVars
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 16 file(s), 52.0 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
index.jsView file
matchType = malicious_source_fingerprint_signature signature = d7702e1142adb6cf signatureType = suspicious_hashes sourceLabel = Datadog matchedPackage = chai-as-repaired@5.32.9 matchedPath = index.js matchedIdentity = npm:Y2hhaS1hcy1yZXBhaXJlZA:5.32.9 similarity = 1.000 shingleOverlap = 11 summary = Datadog malicious npm corpus sample: samples/npm/malicious_intent/chai-as-repaired/5.32.9/2026-05-23-chai-as-repaired-v5.32.9.zip
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

index.jsView on unpkg
docs/transports.mdView file
550patternName = generic_password severity = medium line = 550 matchedText = password...rd',
Medium
Secret Pattern

Hardcoded password in docs/transports.md

docs/transports.mdView on unpkg · L550

Findings

1 High2 Medium3 Low
HighKnown Malware Source Fingerprint Signatureindex.js
MediumEnvironment Vars
MediumSecret Patterndocs/transports.md
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings