AI Security Review
scanned 3d ago · by lpm-firewall-ai

Confirmed browser-runtime remote code execution on the leaderboard page, but no install-time npm compromise path and no credential theft was found. The risk is real because a mutable GitHub-hosted script (served from the `main` branch of the repository, so its contents can change at any time without a new package release) controls code that runs in the browser of every package user who opens that page.
Decision evidence
public snapshot
- assets/js/leaderboard.js fetches https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js and passes the response text to eval(), so whatever that file contains at request time runs with the page's full privileges (origin, cookies, localStorage).
- leaderboard.html loads assets/js/leaderboard.js with defer, so simply visiting the leaderboard page triggers the fetch-and-eval; no user interaction is required.
- assets/js/links.js contains a large rotating list of external proxy/mirror URLs used to set an iframe src. A cross-origin iframe runs in the framed site's origin rather than the page's, so this is a content-control concern (any of those hosts can change what the frame shows) rather than script execution in the page.
- package.json has no install/preinstall/postinstall lifecycle scripts and main is index.html.
- No Node child_process, filesystem access, native binary loading, or package install-time execution found.
- assets/js/app_functions.js uses a Supabase anon key client-side for the app-listing RPC and localStorage caching, consistent with a static site. Anon keys are designed to be public; what they can reach is governed by the project's row-level security policies, which this scan does not evaluate.
- No credential/env harvesting or exfiltration logic found in inspected source.
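The fetch-then-eval path in the evidence above, as an added example that is not code from the package: the vulnerable pattern beside a hardened loader that treats the remote file as data, pins it to an immutable commit, validates its shape, and renders it as text. The scores.json path, the placeholder commit SHA, the `{name, score}` record shape and the sample responses are assumptions for illustration; none of them are known to exist in the repository.

```javascript
// Added example (not code from the package): the fetch-then-eval pattern the review
// describes, beside a hardened loader that treats the remote file as data.
// Assumptions for illustration: a scores.json file, a placeholder commit SHA, and the
// {name, score} record shape. None of these are known to exist in the repository.

const SCORES_URL_LEGACY =
  "https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js";

// Pinning to a commit makes the URL immutable: the content reviewed is the content served.
const PINNED_COMMIT = "0000000000000000000000000000000000000000"; // placeholder, not a real SHA
const SCORES_URL_PINNED =
  `https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/${PINNED_COMMIT}/scores.json`;

// --- Vulnerable pattern, as the review describes it: remote text becomes code. ---
// Whoever controls the `main` branch (or the GitHub account) runs JavaScript in every
// visitor's browser with the page's origin, cookies and localStorage.
function runRemoteScoresLegacy(responseText) {
  return eval(responseText); // never eval() a network response
}

// --- Hardened: parse the response as data, validate it, and render it as text. ---
const MAX_ENTRIES = 100;
const MAX_NAME_LEN = 64;

function parseScores(responseText) {
  let data;
  try {
    data = JSON.parse(responseText);
  } catch (e) {
    throw new Error("scores: response is not JSON");
  }
  if (!Array.isArray(data)) throw new Error("scores: expected an array");
  if (data.length > MAX_ENTRIES) throw new Error("scores: too many entries");
  const rows = data.map((row, i) => {
    if (row === null || typeof row !== "object") throw new Error(`scores[${i}]: not an object`);
    const { name, score } = row;
    if (typeof name !== "string" || name.length === 0 || name.length > MAX_NAME_LEN) {
      throw new Error(`scores[${i}]: bad name`);
    }
    if (typeof score !== "number" || !Number.isFinite(score)) {
      throw new Error(`scores[${i}]: bad score`);
    }
    return { name, score }; // copy only the expected fields; drop everything else
  });
  return rows.sort((a, b) => b.score - a.score);
}

function scoresAreValid(responseText) {
  try {
    parseScores(responseText);
    return true;
  } catch (e) {
    return false;
  }
}

// textContent, not innerHTML: a name like "<img src=x onerror=...>" is displayed literally.
function renderScores(listEl, scores) {
  listEl.textContent = "";
  for (const { name, score } of scores) {
    const li = listEl.ownerDocument.createElement("li");
    li.textContent = `${name}: ${score}`;
    listEl.appendChild(li);
  }
  return scores.length;
}

async function loadLeaderboard(listEl, fetchImpl = fetch) {
  const res = await fetchImpl(SCORES_URL_PINNED, { cache: "no-store" });
  if (!res.ok) throw new Error(`scores: HTTP ${res.status}`);
  return renderScores(listEl, parseScores(await res.text()));
}

// Constructed sample responses (not fetched from anywhere).
const SAMPLE_SCORES_JSON = JSON.stringify([
  { name: "ada", score: 120 },
  { name: "<img src=x onerror=alert(1)>", score: 340 }, // harmless under textContent rendering
]);
const SAMPLE_HOSTILE_JS = "document.cookie"; // what a hijacked scores.js could say; rejected as non-JSON
```

Pinning to a commit means a scores update needs a package release rather than a push to `main`; if live updates are required, the data should come from an origin the package author controls and still be parsed with `JSON.parse`, never `eval`.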
Source & flagged code
4 flagged
- Package contains a critical-looking secret pattern. (assets/js/app_functions.js, line 3)
- Supabase service role key (JWT) in assets/js/app_functions.js. (assets/js/app_functions.js, line 3)
- Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload. (assets/js/leaderboard.js, line 36)

The first two flags point at the same token. The decision evidence above identifies it as the anon key, while the flag label calls it a service role key; Supabase issues both as JWTs that differ in the role claim, so decode the payload and check that claim before treating this as a credential leak. The third flag is the fetch-and-eval path described in the first evidence bullet.
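The check the flagged-secret entries call for, as an added example that is not code from the package or from the scanner: decode the JWT payload without verifying it and classify the key by its role claim, then run that over a source blob the way a scanner would. The two sample tokens and the sample source are constructed here with a fake signature and a fake project ref; they are not the key from assets/js/app_functions.js.

```javascript
// Added example (not code from the package or the scanner): classify a Supabase JWT found
// in client-side JavaScript as the public `anon` key (expected in a static site) or a
// `service_role` key (bypasses row-level security; must never ship to browsers).
// The sample tokens below are constructed with a fake signature and a fake project ref.

function base64UrlDecode(s) {
  const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
  return atob(b64 + "=".repeat((4 - (b64.length % 4)) % 4));
}

function base64UrlEncode(s) {
  return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// Decoded claims only. The signature is not verified: we are classifying the key,
// not trusting it, and the signing secret lives on the Supabase side anyway.
function jwtClaims(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a JWT");
  return JSON.parse(base64UrlDecode(parts[1]));
}

function classifySupabaseKey(token) {
  let claims;
  try {
    claims = jwtClaims(token);
  } catch (e) {
    return { role: null, severity: "unknown", reason: "not a decodable JWT" };
  }
  if (claims.iss !== "supabase") {
    return { role: claims.role ?? null, severity: "unknown", reason: "issuer is not supabase" };
  }
  switch (claims.role) {
    case "anon":
      return { role: "anon", severity: "info", reason: "public anon key; access is limited by RLS policies" };
    case "service_role":
      return { role: "service_role", severity: "critical", reason: "service_role bypasses RLS; rotate immediately" };
    default:
      return { role: claims.role ?? null, severity: "warn", reason: "unrecognised role claim" };
  }
}

// JWTs whose header is a JSON object start with "eyJ" once base64url-encoded.
const JWT_RE = /eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/g;

// Scan a JS source blob for JWT-looking tokens and classify each one.
function scanSourceForSupabaseKeys(source) {
  return [...source.matchAll(JWT_RE)].map((m) => ({ token: m[0], ...classifySupabaseKey(m[0]) }));
}

// Constructed samples: same claim layout Supabase uses, fake ref, fake signature.
function fakeSupabaseJwt(role) {
  const header = base64UrlEncode(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = base64UrlEncode(
    JSON.stringify({ iss: "supabase", ref: "exampleref", role, iat: 1700000000, exp: 2000000000 })
  );
  return `${header}.${payload}.fakesignature`;
}

const ANON_SAMPLE = fakeSupabaseJwt("anon");
const SERVICE_SAMPLE = fakeSupabaseJwt("service_role");
const SAMPLE_SOURCE =
  'const supabaseUrl = "https://exampleref.supabase.co";\n' +
  `const supabaseKey = "${SERVICE_SAMPLE}";\n`;
```

A pattern matcher alone cannot tell the two keys apart, which is how an anon key ends up labelled "service role key"; the role claim is the deciding field, and a real service_role hit in shipped browser code is a rotate-now finding regardless of what the rest of the site does.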