AI Security Review
scanned 6h ago · by lpm-firewall-ai

The package ships a static site page that executes mutable remote JavaScript from GitHub at runtime. No install-time behavior was found, but visiting the leaderboard page gives the remote scores file arbitrary script execution in the page context.
Decision evidence
public snapshot
- assets/js/leaderboard.js fetches https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js
- assets/js/leaderboard.js immediately evals fetched remote text in main()
- leaderboard.html loads assets/js/leaderboard.js with defer, activating on page visit
- Remote code runs in browser origin and can access DOM/storage for the static site
- package.json has no npm lifecycle scripts or bin entrypoints
- No install-time filesystem writes or AI-agent control-surface mutation found
- assets/js/app_functions.js Supabase key is an anon browser key used for app listing RPC
- prepare-unpkg.ps1 is a publish helper copying CSS only
Source & flagged code
10 flagged
- assets/js/app_functions.js (line 3): Package contains a critical-looking secret pattern.
- assets/js/app_functions.js (line 3): Supabase service role key (JWT) in assets/js/app_functions.js.
- assets/js/leaderboard.js (line 36): Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.
- assets/js/leaderboard.js: Source file is highly similar to a previously finalized malicious package; route for source-aware review.
- assets/js/leaderboard.js: Source fingerprint signature matches a known malicious package signature; route for source-aware review.
- prepare-unpkg.ps1: Package ships non-JavaScript build or shell helper files.
- grapes-andrewdingus-1.0.31.tgz: Package ships high-entropy non-source blobs.
- grapes-andrewdingus-1.0.31.tgz: Package ships compressed or archive-like blobs.
- grapes-andrewdingus-1.0.31.tgz: Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.