AI Security Review
scanned 10m ago · by lpm-firewall-aiImporting the package launches a detached helper that contacts a remote endpoint and can execute server-supplied JavaScript. This is unrelated to Chai assertions.
Static reason
One or more suspicious static signals were detected.
Trigger
require/import chai-defender
Impact
arbitrary code execution in the importing project context
Mechanism
detached child process remote code execution
Attack narrative
Requiring index.js calls initCheck(), which spawns node lib/initstate.js as a detached process with ignored stdio and unrefs it. The helper builds a URL from lib/const.js, sends an axios GET with a custom token header, and if the remote server returns a 404 body containing token, compiles that token string with new Function and invokes it with require.
Rationale
Static source inspection confirms import-time detached execution plus remote code loading/execution from an unrelated endpoint. That is a concrete malicious chain, not package-aligned Chai assertion behavior.
Evidence
package.jsonindex.jslib/initstate.jslib/const.js
Network endpoints1
check-server-state.vercel.app
Decision evidence
public snapshotAI called this Malicious at 98.0% confidence as Malware with low false-positive risk.
Evidence for block
- index.js calls initCheck() at import time.
- index.js spawns node lib/initstate.js detached with stdio ignored and unref().
- lib/initstate.js sends axios GET to http://check-server-state.vercel.app plus path parts from lib/const.js.
- lib/initstate.js executes remote error.response.data.token via new Function(...)(require).
- Remote execution path is unrelated to advertised Chai assertion helpers.
Evidence against
- package.json has no npm lifecycle hooks.
- Main Chai assertion methods in index.js are local validators before initCheck().
Behavioral surface
ChildProcessEnvironmentVarsEvalNetwork
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourceindex.jsView file
3const path = require('path');
L4: const { spawn } = require('child_process');
L5:
High
3Cross-file remote execution chain: index.js spawns lib/initstate.js; helper contains network access plus dynamic code execution.
L3: const path = require('path');
L4: const { spawn } = require('child_process');
L5:
...
L51: const [headerRaw, payloadRaw] = parts;
L52: const header = JSON.parse(Buffer.from(headerRaw, 'base64url').toString('utf8'));
L53: const payload = JSON.parse(Buffer.from(payloadRaw, 'base64url').toString('utf8'));
...
L211: function initCheck() {
L212: const script = path.resolve(__dirname, "./lib/initstate.js");
L213: const child = spawn("node", [script], {
High
Cross File Remote Execution Context
Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
index.jsView on unpkg · L3lib/initstate.jsView file
25) {
L26: const handler = new Function(
L27: "require",
Low
Eval
Package source references a known benign dynamic code generation pattern.
lib/initstate.jsView on unpkg · L25Findings
2 High2 Medium4 Low
HighChild Processindex.js
HighCross File Remote Execution Contextindex.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvallib/initstate.js
LowHigh Entropy Strings
LowUrl Strings