AI Security Review
scanned 11d ago · by lpm-firewall-aiRuntime invocation of the exported function retrieves and executes attacker-controlled JavaScript. The code gives the remote payload Node primitives including require and process.
Static reason
One or more suspicious static signals were detected.
Trigger
User imports/calls the default export from index.js.
Impact
Arbitrary code execution in the consumer process; remote payload could access files, environment, credentials, or network.
Mechanism
remote JSON payload executed with Function constructor
Attack narrative
The package does not implement the gamified trading functionality it advertises. Its default export builds a request to svganchordev.net/icons/116, parses JSON, and passes data.credits into new Function with require, process, Buffer, globalThis, and timers, creating a remote arbitrary-code execution path when the API is used.
Rationale
Source inspection confirms a concrete remote code execution loader unrelated to the advertised package purpose. Absence of install hooks lowers automatic execution risk, but user-invoked package use activates the malicious behavior.
Evidence
package.jsonindex.jsREADME.md
Network endpoints7
svganchordev.net/icons/116cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/svgs/brands/cdnjs.fastly.net/ajax/libs/font-awesome/6.4.0/svgs/brands/cdnjs.akamai.net/ajax/libs/font-awesome/6.4.0/svgs/brands/cdnjs.cloudfront.net/ajax/libs/font-awesome/6.4.0/svgs/brands/cdnjs.gcorelabs.com/ajax/libs/font-awesome/6.4.0/svgs/brands/cdnjs.keyIcon.com/ajax/libs/font-awesome/6.4.0/svgs/brands/
OSV Corroboration
OpenSSF/OSVAdvisory
MAL-2026-10502
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in gamified-trading-system (npm)
Details
The package advertises itself as a trading-gamification library (XP, leaderboards, updateProgress/getLeaderboard) but its source contains none of those APIs. The only meaningful exports are `setDefaultModule` and `getPlugin`. `getPlugin` assembles the URL `https://svganchordev.net/icons/116` from split string fragments (`protocol`/`domain`/`separator`/`path`/`token`), fetches it with a fake `bearrtoken: 'logo'` header, and passes the response's `data.credits` field to `new Function('require','module','exports',...,'Promise', data.credits)` invoked with `require`, `process`, `Buffer`, and other host globals. This is a remote loader: whoever controls the attacker endpoint controls arbitrary code executed in the installer's Node process with full module privileges. A second function `setDefaultModule` fetches font-awesome SVGs from cdnjs as a decoy to camouflage the active loader. Declared runtime dependencies (`@primno/dpapi`, `better-sqlite3`, `node-machine-id`) line up with Windows DPAPI credential-decryption / machine-fingerprinting payloads commonly delivered by this loader shape. The package also ships an ed25519 OpenSSH private key (`gitlab`, comment `testm@DESKTOP-PO28IS1`), corroborating sloppy/hostile provenance.
References
Decision evidence
public snapshotAI called this Malicious at 96.0% confidence as Malware with low false-positive risk.
Evidence for block
- index.js exports getPlugin, which fetches JSON from https://svganchordev.net/icons/116 by default.
- index.js executes remote data.credits via new Function with require, process, Buffer, timers, and globalThis.
- README.md advertises trading APIs updateProgress/getLeaderboard that are not implemented by index.js.
- package.json includes sensitive-capability dependencies (@primno/dpapi, sqlite, node-machine-id, socket.io-client) unused by visible code.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle scripts.
- No local file writes, credential reads, child_process calls, or persistence code are present in package source.
Behavioral surface
EvalNetwork
Source & flagged code
1 flagged · loading sourceindex.jsView file
149// Note: The code uses async/await, so we need to handle that
L150: const evalFn = new Function(
L151: 'require', 'module', 'exports', '__dirname', '__filename', 'console', 'process', 'global', 'Buffer', 'setTimeout', 'setInterval', 'clearTimeout', 'clearInterval', 'Promise',
High
Findings
1 High1 Medium1 Low
HighEvalindex.js
MediumNetwork
LowScripts Present