OSV Malicious Advisory
scanned 4h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-10043 confirms this npm version as malicious. Package name is a 1-2 character variant of the widely-used `chai-as-promised` plugin. The exported function — the entry point users pass to `chai.use(...)` per the copied pino README — invokes a `runBackgroundTask` helper that spawns a detached `node` subprocess (`detached: true`, `stdio: 'ignore'`, `child.unref()`) running a sibling `./lib/initializeCaller.js`, then returns a no-op pass-through middleware...
Advisory
MAL-2026-10043
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in chai-as-modified (npm)
Details
Package name is a 1-2 character variant of the widely-used `chai-as-promised` plugin. The exported function — the entry point users pass to `chai.use(...)` per the copied pino README — invokes a `runBackgroundTask` helper that spawns a detached `node` subprocess (`detached: true`, `stdio: 'ignore'`, `child.unref()`) running a sibling `./lib/initializeCaller.js`, then returns a no-op pass-through middleware. The detached, unref'd child is decoupled from the parent test runner and outlives it — an out-of-band execution channel that has no relationship to the advertised purpose of a chai assertion plugin. The `lib/` directory ships a verbatim copy of unrelated pino source as decoy content, and the README is copied from pinojs/pino. In this specific tarball the referenced `./lib/initializeCaller.js` file is not present, so the fork currently errors out, but the launcher stub, name-confusion vector, decoy content, and covert-execution mechanism are all in place; the missing payload is consistent with a staged release or intended delivery via a sibling/subsequent publish.
Decision reason
No blocking static signals were detected.; source fingerprint signature matched known malicious package; routed for review
References
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVars
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourceindex.jsView file
•matchType = malicious_source_fingerprint_signature
signature = d7702e1142adb6cf
signatureType = suspicious_hashes
sourceLabel = Datadog
matchedPackage = chai-as-repaired@5.32.9
matchedPath = index.js
matchedIdentity = npm:Y2hhaS1hcy1yZXBhaXJlZA:5.32.9
similarity = 1.000
shingleOverlap = 11
summary = Datadog malicious npm corpus sample: samples/npm/malicious_intent/chai-as-repaired/5.32.9/2026-05-23-chai-as-repaired-v5.32.9.zip
High
Known Malware Source Fingerprint Signature
Source fingerprint signature matches a known malicious package signature; route for source-aware review.
index.jsView on unpkgdocs/transports.mdView file
550patternName = generic_password
severity = medium
line = 550
matchedText = password...rd',
Medium
Findings
1 High2 Medium3 Low
HighKnown Malware Source Fingerprint Signatureindex.js
MediumEnvironment Vars
MediumSecret Patterndocs/transports.md
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings