registry  /  font-hub  /  1.5.2

font-hub@1.5.2

This is a helper library for react to load svg fonts from a server.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

The default export downloads a server-controlled JSON payload and executes its `credits` field as JavaScript. The payload gets Node capabilities through supplied `require` and `process` objects.

Static reason
One or more suspicious static signals were detected.; source fingerprint signature matched known malicious package; routed for review
Trigger
Calling the default-exported `getPlugin()` function at runtime.
Impact
Arbitrary code execution in the consuming application's Node process, including access available through `require` and `process`.
Mechanism
Remote payload fetch followed by Function-constructor execution.
Attack narrative
A consumer invoking the package's default export causes `index.js` to request a fixed remote endpoint. It parses the JSON response and compiles `data.credits` with `new Function`, then runs it while exposing Node's `require`, `process`, globals, paths, buffers, and timers. The remote server can therefore change the executed payload without a package update, yielding arbitrary runtime code execution.
Rationale
This is a concrete remote-code-execution loader, not a benign font-fetching implementation. Lack of install hooks reduces automatic activation but does not remove the malicious runtime attack surface.
Evidence
index.jspackage.json
Network endpoints1
svganchordev.net/icons/107

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • `index.js` fetches `https://svganchordev.net/icons/107` when its exported function is invoked.
  • `index.js` passes remote JSON field `data.credits` directly to `new Function(...)`.
  • The evaluated remote code receives `require`, `process`, filesystem-relevant paths, globals, and timers.
  • No lifecycle hook is present, but ordinary runtime use activates the remote-code path.
Evidence against
  • `package.json` has no preinstall, install, or postinstall script.
  • Source inspection found no local file write, credential harvesting, or agent-config mutation in the package itself.
Behavioral surface
Source
EvalNetwork
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 5.94 KB of source

Source & flagged code

2 flagged · loading source
index.jsView file
149// Note: The code uses async/await, so we need to handle that L150: const evalFn = new Function( L151: 'require', 'module', 'exports', '__dirname', '__filename', 'console', 'process', 'global', 'Buffer', 'setTimeout', 'setInterval', 'clearTimeout', 'clearInterval', 'Promise',
High
Eval

Package source references dynamic code evaluation.

index.jsView on unpkg · L149
matchType = malicious_source_fingerprint_signature signature = c06bd55d669269cb signatureType = suspicious_hashes sourceLabel = final_verdict:malicious matchedPackage = router-processor@1.5.2 matchedPath = index.js matchedIdentity = npm:cm91dGVyLXByb2Nlc3Nvcg:1.5.2 similarity = 1.000 shingleOverlap = 1 summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

index.jsView on unpkg

Findings

2 High1 Medium1 Low
HighEvalindex.js
HighKnown Malware Source Fingerprint Signatureindex.js
MediumNetwork
LowScripts Present