AI Security Review
scanned 2h ago · by lpm-firewall-ai

The leaderboard page executes mutable remote JavaScript from GitHub at browser runtime. This gives the remote repository control over code running in the package page context.
Decision evidence
public snapshot
- assets/js/leaderboard.js fetches https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js as text.
- assets/js/leaderboard.js immediately executes that remote response with eval(js_code).
- leaderboard.html loads /assets/js/leaderboard.js, so visiting that page triggers the remote eval path.
- package.json defines no preinstall/install/postinstall lifecycle scripts.
- The package is mostly static HTML/CSS/image assets.
- assets/js/app_functions.js Supabase key is an anon browser client key used for app listing, not package install-time credential theft.
Source & flagged code
10 flagged

- Package contains a critical-looking secret pattern. (assets/js/app_functions.js, line 3)
- Supabase service role key (JWT) in assets/js/app_functions.js. (assets/js/app_functions.js, line 3)
- Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload. (assets/js/leaderboard.js, line 36)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (assets/js/leaderboard.js)
- Source fingerprint signature matches a known malicious package signature; route for source-aware review. (assets/js/leaderboard.js)
- Package ships non-JavaScript build or shell helper files. (prepare-unpkg.ps1)
- Package ships high-entropy non-source blobs. (grapes-andrewdingus-1.0.31.tgz)
- Package ships compressed or archive-like blobs. (grapes-andrewdingus-1.0.31.tgz)
- Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed. (grapes-andrewdingus-1.0.31.tgz)