
grapes-andrewdingus@1.0.33

GRAPES OS static site — CDN-ready via unpkg

AI Security Review

scanned 2h ago · by lpm-firewall-ai

The leaderboard page executes mutable remote JavaScript from GitHub at browser runtime. This gives the remote repository control over code running in the package page context.

Static reason
  • High-risk behavior combination matched malicious policy.
  • Source matched a previously finalized malicious package; routed for review.
  • Source fingerprint signature matched a known malicious package; routed for review.
Trigger
Opening leaderboard.html in a browser
Impact
Remote payload can run in page origin, alter DOM, access browser storage for that origin, and perform browser-network actions.
Mechanism
remote JavaScript fetch followed by eval
Rationale
Direct source inspection confirms a browser-runtime remote-code-execution path via fetch plus eval, not just a scanner label. Although there is no npm install hook and no local file harvesting, executing a remote payload in the page is concrete attack behavior against users of the packaged site. Because the false-positive risk was not low, the product guard downgraded the publish_block request to a warn-only Suspicious verdict.
Evidence
  • package.json
  • leaderboard.html
  • assets/js/leaderboard.js
  • assets/js/app_functions.js
Network endpoints (2)
  • raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js
  • hqlgppguxhqeaonjzinv.supabase.co

Decision evidence

public snapshot
AI called this Suspicious at 93.0% confidence as Malware with medium false-positive risk.
Evidence for warning
  • assets/js/leaderboard.js fetches https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js as text.
  • assets/js/leaderboard.js immediately executes that remote response with eval(js_code).
  • leaderboard.html loads /assets/js/leaderboard.js, so visiting that page triggers the remote eval path.
Evidence against
  • package.json defines no preinstall/install/postinstall lifecycle scripts.
  • The package is mostly static HTML/CSS/image assets.
  • The AI review reads the Supabase key in assets/js/app_functions.js as an anon browser client key used for app listing, not an install-time credential theft vector. Note that the secret-pattern findings below classify the same key as a service role key; the token's role claim should be read to settle which it is.
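Added example, not code from grapes-andrewdingus or the grapes-os-leaderboard repository: the loader pattern the evidence describes, beside a hardened loader that fetches the leaderboard as JSON from a commit-pinned URL and validates it before use, so nothing served by the remote repository is ever executed. The fetch implementation is injected and answers from constructed responses, so it runs offline; the example-org/example-repo URLs, the commit hash and the response bodies are placeholders.

```javascript
// Added example (not the package's code). Placeholder URLs and bodies:
const MUTABLE_JS_URL =
  "https://raw.githubusercontent.com/example-org/example-repo/main/scores.js";
const PINNED_JSON_URL =
  "https://raw.githubusercontent.com/example-org/example-repo/0123456789abcdef0123456789abcdef01234567/scores.json";

// Constructed remote responses standing in for the real feed.
const CONSTRUCTED_RESPONSES = {
  // Mutable branch, JavaScript body: whoever can push to `main` runs code in the page.
  [MUTABLE_JS_URL]: "globalThis.__payloadRan = true; [{ name: 'alice', score: 10 }]",
  // Immutable commit, JSON body: only data can come back.
  [PINNED_JSON_URL]: JSON.stringify([{ name: "alice", score: 10 }, { name: "bob", score: 7 }]),
};

// Offline stand-in for window.fetch with the subset of the Response API used here.
async function constructedFetch(url) {
  if (!(url in CONSTRUCTED_RESPONSES)) return { ok: false, status: 404, text: async () => "" };
  return { ok: true, status: 200, text: async () => CONSTRUCTED_RESPONSES[url] };
}

// VULNERABLE (mirrors the flagged path): the response body becomes code.
async function loadScoresUnsafe(fetchImpl, url) {
  const response = await fetchImpl(url);
  const jsCode = await response.text();
  return eval(jsCode); // remote code execution in the page origin
}

// Accept only raw.githubusercontent.com URLs pinned to a full 40-hex commit hash
// and ending in .json; a branch name such as `main` is mutable and fails this check.
const PINNED_RAW_URL =
  /^https:\/\/raw\.githubusercontent\.com\/[\w.-]+\/[\w.-]+\/[0-9a-f]{40}\/[\w./-]+\.json$/;
function isPinnedSourceUrl(url) {
  return PINNED_RAW_URL.test(url);
}

// Parse as JSON and whitelist the shape; copy only the known fields so extra
// properties in the feed never reach the renderer.
function parseScoresSafe(text) {
  let value;
  try { value = JSON.parse(text); } catch { throw new Error("scores: body is not JSON"); }
  if (!Array.isArray(value) || value.length > 1000) throw new Error("scores: expected an array of at most 1000 rows");
  return value.map((row, i) => {
    if (typeof row !== "object" || row === null || Array.isArray(row)) throw new Error(`scores[${i}]: not an object`);
    const { name, score } = row;
    if (typeof name !== "string" || name.length === 0 || name.length > 64) throw new Error(`scores[${i}].name: invalid`);
    if (!Number.isSafeInteger(score) || score < 0) throw new Error(`scores[${i}].score: invalid`);
    return { name, score };
  });
}

// HARDENED: pinned URL, data-only parsing, no dynamic code path at all.
async function loadScoresSafe(fetchImpl, url) {
  if (!isPinnedSourceUrl(url)) throw new Error("scores: URL must be pinned to a commit hash");
  const response = await fetchImpl(url);
  if (!response.ok) throw new Error(`scores: HTTP ${response.status}`);
  return parseScoresSafe(await response.text());
}

// Runs both loaders against the constructed responses and reports what happened.
async function demo() {
  const unsafeResult = await loadScoresUnsafe(constructedFetch, MUTABLE_JS_URL);
  const safeRows = await loadScoresSafe(constructedFetch, PINNED_JSON_URL);
  let rejectedUnpinned = false;
  try { await loadScoresSafe(constructedFetch, MUTABLE_JS_URL); } catch { rejectedUnpinned = true; }
  return { payloadRan: globalThis.__payloadRan === true, unsafeResult, safeRows, rejectedUnpinned };
}
```

Pinning to a commit removes the mutable `main` branch as a control point; switching the feed to JSON with a whitelisting parser removes the code path entirely, so a compromised repository can at worst serve bad scores. When the rows are rendered, use textContent rather than innerHTML so a player name cannot inject markup either.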
Behavioral surface
Source: Eval, Network
Supply chain: HighEntropyStrings, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 9 file(s), 41.9 KB of source, external domains: 1.australianhuntermag.com.au, 1.belizebuilders.com, 1.burgermap.org, 1.chowpatty.com, 1.deleesportsmedicine.com, 1.lscomm.net, 1.oceanracingseries.co.za, 1.rodolfocolen.com, 1.room4rent.cl, 1.rootsbobcat.com, 1.southwestvoodoo.com, 1.tartsandcrafts.ca, 1.tomholden.info, 1.videospeed.cl, 1.vivocolor.cl, 2.intothelightprod.com, 2.macao.net, 57.admain.cl, acetaminophen.deleesportsmedicine.com, acting.intothelightprod.com, adsadkjsadjksakldjxx.math-solver.online, agent.room4rent.cl, alpha.y.glenwaverleychurches.org, antihistamines.medscience.cl, api.cloud.rigaprecast.com, app.cloud.rigaprecast.com, attractions.uk.to, aurora.xyz.moochurch.com, b.j0.icom.org.np, backend.development.sanluix.org, basketball.prosports.cl, behavior.lasersoft.net.au, beta.y.glenwaverleychurches.org, biology-img.shekinahphotography.com, blog.cloud.rigaprecast.com, boeing.morlockaerospace.com, books.michelleingah.com, ca.skimanshop.it, carriers.mobile-node.net, cdn.businessrelay.co.za, cdn.i-mind.cl, cdn.masonic-lodge.ca, cdn.yourciooncall.com, cheap.showmyhomes.com, cheap.winterhouse.info, china.dingshun.hk, china.taoism-dingshun.org, construct.rustyfoundation.com, coolmathgames.com, cultures.linexedu.eu

Source & flagged code

10 flagged
assets/js/app_functions.js
patternName = supabase_service_key · severity = critical · line = 3 · matchedText = "eyJhbGc...w8"
Critical
Critical Secret

Package contains a critical-looking secret pattern.

assets/js/app_functions.js, line 3
patternName = supabase_service_key · severity = critical · line = 3 · matchedText = "eyJhbGc...w8"
Critical
Secret Pattern

Supabase service role key (JWT) in assets/js/app_functions.js

assets/js/app_functions.js, line 3
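The two secret findings above and the evidence list classify the same Supabase JWT differently (anon browser key versus service role key). Added check, not part of the scanner output or of the package: decode the token's payload offline and read its `role` claim, which is what distinguishes the two kinds of key. The tokens here are constructed with placeholder claims and a placeholder signature, not the package's key; the matched text shown on this page is truncated, and the check also shows that such a fragment cannot be decoded as-is.

```javascript
// Added example (not the scanner's or the package's code). Node's Buffer
// supports base64url, so no dependencies are needed.
function base64UrlEncode(str) {
  return Buffer.from(str, "utf8").toString("base64url");
}

function base64UrlDecode(segment) {
  if (!/^[A-Za-z0-9_-]+$/.test(segment)) throw new Error("segment is not base64url");
  return Buffer.from(segment, "base64url").toString("utf8");
}

// Decode header and payload WITHOUT verifying the signature. That is enough to
// learn what kind of key a publisher shipped; it is not authentication.
function decodeJwt(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a three-segment JWS compact token (truncated or not a JWT)");
  const header = JSON.parse(base64UrlDecode(parts[0]));
  const payload = JSON.parse(base64UrlDecode(parts[1]));
  return { header, payload };
}

// Supabase project keys carry role "anon" for the public browser key and
// "service_role" for the key that bypasses row-level security.
function classifySupabaseKey(token) {
  const { payload } = decodeJwt(token);
  const role = payload.role;
  if (role === "service_role") {
    return { role, severity: "critical", note: "bypasses RLS; must never ship to a browser" };
  }
  if (role === "anon") {
    return { role, severity: "info", note: "public browser key; exposure is by design, RLS must hold" };
  }
  return { role: String(role), severity: "unknown", note: "role claim not recognised" };
}

// Constructed tokens: placeholder project ref, timestamps and signature.
function makeConstructedToken(role) {
  const header = base64UrlEncode(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = base64UrlEncode(JSON.stringify({
    iss: "supabase", ref: "exampleprojectref00", role, iat: 1700000000, exp: 2000000000,
  }));
  const signature = base64UrlEncode("constructed-placeholder-signature");
  return `${header}.${payload}.${signature}`;
}

const CONSTRUCTED_ANON_KEY = makeConstructedToken("anon");
const CONSTRUCTED_SERVICE_KEY = makeConstructedToken("service_role");
```

The `eyJhbGc` prefix that the pattern matcher keys on is simply the base64 of `{"alg`, so it identifies a JWT header, not which role the token carries; the role is only visible in the decoded second segment. If the decoded role is `service_role`, the key must be rotated regardless of what the publisher intended, since it has been public on the registry.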
assets/js/leaderboard.js
36  async function getScores() {
37    let response = await fetch(
38      "https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js",
39    );
40    return await response.text(); // is promise for whatever reason
41  }
...
45    let js_code = await getScores();
46    eval(js_code); // never use eval
47  } catch (e) {
Critical
Remote Asset Decode Execute

Source fetches a remote asset, reads the response body as text, and passes that text to eval, executing whatever the remote host returns.

assets/js/leaderboard.js, line 36
45    let js_code = await getScores();
46    eval(js_code); // never use eval
47  } catch (e) {
High
Eval

Package source references dynamic code evaluation.

assets/js/leaderboard.js, line 45
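Added example, not the scanner's own rule and not the package's code: a heuristic static check for the chain the Remote Asset Decode Execute and Eval findings describe, a fetch of a literal remote URL whose response text flows into eval or Function. It runs over constructed sample sources (the first modelled on the flagged excerpt, with placeholder URLs) and is regex-based, so it is a triage aid rather than a substitute for a real parser.

```javascript
// Added example (not the scanner's rule). Heuristic taint check over source text.
const SINK_NAMES = ["eval", "Function"];

// Escape regex metacharacters that can appear in an identifier.
const escapeIdent = (s) => s.replace(/\$/g, "\\$");

// Index into source -> 1-based line number.
function lineOf(source, index) {
  let line = 1;
  for (let i = 0; i < index; i++) if (source.charCodeAt(i) === 10) line++;
  return line;
}

// Body of the block whose `{` is at openIndex (braces excluded; ignores braces in strings).
function blockBody(source, openIndex) {
  let depth = 0;
  for (let i = openIndex; i < source.length; i++) {
    if (source[i] === "{") depth++;
    else if (source[i] === "}" && --depth === 0) return source.slice(openIndex + 1, i);
  }
  return source.slice(openIndex + 1);
}

function findRemoteEvalChains(source) {
  const findings = [];
  const remoteUrlRe = /fetch\(\s*["'`](https?:\/\/[^"'`\s]+)["'`]/g;
  const tainted = new Map(); // variable name -> remote URL its contents came from
  let m;

  // Step 1: named functions that fetch a literal remote URL and read the body as text.
  const textFetchers = new Map();
  const fnRe = /(?:async\s+)?function\s+([A-Za-z_$][\w$]*)\s*\([^)]*\)\s*\{/g;
  while ((m = fnRe.exec(source)) !== null) {
    const body = blockBody(source, m.index + m[0].length - 1);
    remoteUrlRe.lastIndex = 0;
    const u = remoteUrlRe.exec(body);
    if (u && /\.text\(\)/.test(body)) textFetchers.set(m[1], u[1]);
  }

  // Step 2: variables assigned from those functions, or directly from response.text().
  for (const [fn, url] of textFetchers) {
    const assignRe = new RegExp(`([A-Za-z_$][\\w$]*)\\s*=\\s*await\\s+${escapeIdent(fn)}\\s*\\(`, "g");
    while ((m = assignRe.exec(source)) !== null) tainted.set(m[1], url);
  }
  remoteUrlRe.lastIndex = 0;
  const anyUrl = remoteUrlRe.exec(source);
  const directRe = /([A-Za-z_$][\w$]*)\s*=\s*await\s+[A-Za-z_$][\w$]*\.text\(\)/g;
  if (anyUrl) while ((m = directRe.exec(source)) !== null) if (!tainted.has(m[1])) tainted.set(m[1], anyUrl[1]);

  // Step 3: a tainted variable passed as the first argument of a dynamic-code sink.
  for (const [variable, url] of tainted) {
    const sinkRe = new RegExp(`\\b(?:new\\s+)?(${SINK_NAMES.join("|")})\\s*\\(\\s*${escapeIdent(variable)}\\s*[,)]`, "g");
    while ((m = sinkRe.exec(source)) !== null) {
      findings.push({ sink: m[1], variable, url, line: lineOf(source, m.index) });
    }
  }
  return findings;
}

// Constructed sample sources (placeholder URLs). The first is modelled on the flagged excerpt.
const SAMPLES = {
  vulnerable: `
async function getScores() {
  let response = await fetch(
    "https://raw.githubusercontent.com/example-org/example-repo/main/scores.js",
  );
  return await response.text();
}

async function showLeaderboard() {
  try {
    let js_code = await getScores();
    eval(js_code);
  } catch (e) {
    console.error(e);
  }
}
`,
  benign: `
async function getScores() {
  const r = await fetch("https://raw.githubusercontent.com/example-org/example-repo/0123456789abcdef0123456789abcdef01234567/scores.json");
  const raw = await r.text();
  return JSON.parse(raw);
}
function constantEval() {
  return eval("1 + 1"); // literal argument, not remote data
}
`,
  newFunction: `
async function loadPlugin() {
  const res = await fetch("https://example.invalid/plugin.js");
  const code = await res.text();
  return new Function(code)();
}
`,
};

function scanSamples(samples = SAMPLES) {
  const out = {};
  for (const [name, src] of Object.entries(samples)) out[name] = findRemoteEvalChains(src);
  return out;
}
```

The check only reports when fetched text reaches a sink, so a file that parses a remote response with JSON.parse, or that calls eval on a string literal, stays clean; that is the distinction between the Eval finding (any dynamic evaluation) and the more specific remote-execution finding above it.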
matchType = normalized_sha256
matchedPackage = grapes-andrewdingus@1.0.35
matchedPath = assets/js/leaderboard.js
matchedIdentity = npm:Z3JhcGVzLWFuZHJld2Rpbmd1cw:1.0.35
similarity = 1.000
summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

assets/js/leaderboard.js
matchType = malicious_source_fingerprint_signature
signature = 26a6083a366a497c
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = grapes-andrewdingus@1.0.30
matchedPath = assets/js/leaderboard.js
matchedIdentity = npm:Z3JhcGVzLWFuZHJld2Rpbmd1cw:1.0.30
similarity = 1.000
shingleOverlap = 5
summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

assets/js/leaderboard.js
prepare-unpkg.ps1
path = prepare-unpkg.ps1 · kind = build_helper · sizeBytes = 468 · magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

prepare-unpkg.ps1
grapes-andrewdingus-1.0.31.tgz
path = grapes-andrewdingus-1.0.31.tgz · kind = high_entropy_blob · sizeBytes = 16415023 · magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

grapes-andrewdingus-1.0.31.tgz
path = grapes-andrewdingus-1.0.31.tgz · kind = compressed_blob · sizeBytes = 16415023 · magicHex = [redacted]
Medium
Ships Compressed Blob

Package ships compressed or archive-like blobs.

grapes-andrewdingus-1.0.31.tgz
path = grapes-andrewdingus-1.0.31.tgz · kind = nested_archive_needs_inspection · sizeBytes = 16415023 · magicHex = [redacted]
Low
Nested Archive Needs Inspection

Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.

grapes-andrewdingus-1.0.31.tgz

Findings

3 Critical · 4 High · 4 Medium · 3 Low
Critical · Critical Secret · assets/js/app_functions.js
Critical · Remote Asset Decode Execute · assets/js/leaderboard.js
Critical · Secret Pattern · assets/js/app_functions.js
High · Eval · assets/js/leaderboard.js
High · Ships High Entropy Blob · grapes-andrewdingus-1.0.31.tgz
High · Known Malware Source Similarity · assets/js/leaderboard.js
High · Known Malware Source Fingerprint Signature · assets/js/leaderboard.js
Medium · Network
Medium · Ships Build Helper · prepare-unpkg.ps1
Medium · Ships Compressed Blob · grapes-andrewdingus-1.0.31.tgz
Medium · Structural Risk Force Deep Review
Low · High Entropy Strings
Low · Url Strings
Low · Nested Archive Needs Inspection · grapes-andrewdingus-1.0.31.tgz