
grapes-andrewdingus@1.0.25

GRAPES OS static site — CDN-ready via unpkg

AI Security Review

scanned 2d ago · by lpm-firewall-ai

The package is a static site, but its leaderboard page fetches JavaScript from a remote GitHub raw URL and evals it in the browser. This makes executable behavior mutable outside the published npm artifact.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User opens leaderboard.html in a browser
Impact
Remote arbitrary browser-side JavaScript can execute outside package review boundaries.
Mechanism
remote JavaScript fetch followed by eval
Attack narrative
leaderboard.html includes assets/js/leaderboard.js. That script fetches scores.js from raw.githubusercontent.com and passes the response text directly to eval, so any change in that remote repository can execute arbitrary browser JavaScript for users viewing the package's leaderboard page.
Rationale
Direct source inspection confirms a remote fetch-and-eval path in a browser entrypoint, which is concrete remote code execution rather than a static data fetch. The Supabase usage appears package-aligned, but it does not mitigate the remotely mutable eval loader.
Evidence
  • package.json
  • leaderboard.html
  • assets/js/leaderboard.js
  • assets/js/app_functions.js
Network endpoints (2)
  • raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js
  • hqlgppguxhqeaonjzinv.supabase.co

Decision evidence

public snapshot
AI called this Malicious at 92.0% confidence as Malware with low false-positive risk.
Evidence for block
  • assets/js/leaderboard.js fetches remote JavaScript from raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js.
  • assets/js/leaderboard.js executes the fetched text with eval(js_code) during main().
  • leaderboard.html loads /assets/js/leaderboard.js with defer, so visiting the leaderboard page triggers remote code execution.
  • package.json declares main/unpkg as index.html and has no server-side package logic; the risky behavior is in browser runtime source.
Evidence against
  • package.json has no lifecycle scripts, so there is no install-time execution.
  • Scanner hint for image steganography was noisy: inspected leaderboard.js fetches raw GitHub JS, not an image decode path.
  • assets/js/app_functions.js Supabase anon key is used for browser app listing RPC/cache behavior, not credential/env/file harvesting.
  • No child_process, filesystem writes, persistence, destructive behavior, or AI-agent control-surface mutation found.
Behavioral surface
Source: Eval, Network
Supply chain: High Entropy Strings, Url Strings
Manifest: No manifest risk signals triggered.
scanned 9 file(s), 41.9 KB of source, external domains: 1.australianhuntermag.com.au, 1.belizebuilders.com, 1.burgermap.org, 1.chowpatty.com, 1.deleesportsmedicine.com, 1.lscomm.net, 1.oceanracingseries.co.za, 1.rodolfocolen.com, 1.room4rent.cl, 1.rootsbobcat.com, 1.southwestvoodoo.com, 1.tartsandcrafts.ca, 1.tomholden.info, 1.videospeed.cl, 1.vivocolor.cl, 2.intothelightprod.com, 2.macao.net, 57.admain.cl, acetaminophen.deleesportsmedicine.com, acting.intothelightprod.com, adsadkjsadjksakldjxx.math-solver.online, agent.room4rent.cl, alpha.y.glenwaverleychurches.org, antihistamines.medscience.cl, api.cloud.rigaprecast.com, app.cloud.rigaprecast.com, attractions.uk.to, aurora.xyz.moochurch.com, b.j0.icom.org.np, backend.development.sanluix.org, basketball.prosports.cl, behavior.lasersoft.net.au, beta.y.glenwaverleychurches.org, biology-img.shekinahphotography.com, blog.cloud.rigaprecast.com, boeing.morlockaerospace.com, books.michelleingah.com, ca.skimanshop.it, carriers.mobile-node.net, cdn.businessrelay.co.za, cdn.i-mind.cl, cdn.masonic-lodge.ca, cdn.yourciooncall.com, cheap.showmyhomes.com, cheap.winterhouse.info, china.dingshun.hk, china.taoism-dingshun.org, construct.rustyfoundation.com, coolmathgames.com, cultures.linexedu.eu

Source & flagged code

4 flagged
assets/js/app_functions.js
L3: patternName = supabase_service_key severity = critical line = 3 matchedText = "eyJhbGc...w8";
Critical
Critical Secret

Package contains a critical-looking secret pattern.

assets/js/app_functions.js · L3
L3: patternName = supabase_service_key severity = critical line = 3 matchedText = "eyJhbGc...w8";
Critical
Secret Pattern

Supabase service role key (JWT) in assets/js/app_functions.js

assets/js/app_functions.js · L3
assets/js/leaderboard.js
L36: async function getScores() {
L37:   let response = await fetch(
L38:     "https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js",
L39:   );
L40:   return await response.text(); // is promise for whatever reason
L41: }
...
L45:   let js_code = await getScores();
L46:   eval(js_code); // never use eval
L47: } catch (e) {
Critical
Remote Asset Decode Execute

Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.

assets/js/leaderboard.js · L36
L45:   let js_code = await getScores();
L46:   eval(js_code); // never use eval
L47: } catch (e) {
High
Eval

Package source references dynamic code evaluation.

assets/js/leaderboard.js · L45

Findings

3 Critical · 1 High · 2 Medium · 2 Low
Critical · Critical Secret · assets/js/app_functions.js
Critical · Remote Asset Decode Execute · assets/js/leaderboard.js
Critical · Secret Pattern · assets/js/app_functions.js
High · Eval · assets/js/leaderboard.js
Medium · Network
Medium · Structural Risk Force Deep Review
Low · High Entropy Strings
Low · Url Strings