AI Security Review
scanned 2d ago · by lpm-firewall-ai
The package is a static site, but its leaderboard page executes mutable remote JavaScript from GitHub at runtime. That remote code can run in the page origin when a visitor opens leaderboard.html.
Decision evidence
Public snapshot:
- assets/js/leaderboard.js fetches https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js.
- assets/js/leaderboard.js immediately evals the fetched text in main().
- leaderboard.html loads /assets/js/leaderboard.js with defer, activating on page visit.
- package.json has no lifecycle scripts, bin, dependencies, or install-time execution.
- assets/js/app_functions.js Supabase anon key is used for app listing RPC/localStorage caching and appears package-aligned.
- prepare-unpkg.ps1 only copies CSS into assets/css before publish; it is not wired to npm scripts.
Source & flagged code
7 flagged
- Package contains a critical-looking secret pattern. (assets/js/app_functions.js, line 3)
- Supabase service role key (JWT) in assets/js/app_functions.js. (assets/js/app_functions.js, line 3)
- Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload. (assets/js/leaderboard.js, line 36)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (assets/js/leaderboard.js)
- Source fingerprint signature matches a known malicious package signature; route for source-aware review. (assets/js/leaderboard.js)
- Package ships non-JavaScript build or shell helper files. (prepare-unpkg.ps1)