
grapes-andrewdingus@1.0.35

GRAPES OS static site — CDN-ready via unpkg

AI Security Review

scanned 2h ago · by lpm-firewall-ai

The package is a static site, but its leaderboard page loads and executes mutable remote JavaScript. A visitor opening the packaged leaderboard grants code execution to a GitHub-hosted payload outside the npm tarball.

Static reason
High-risk behavior combination matched malicious policy; source matched previously finalized malicious package; routed for review
Trigger
browser visit to leaderboard.html
Impact
remote code execution in the page context; remote payload can alter DOM, access same-origin browser storage, and drive user-facing behavior
Mechanism
fetch remote JavaScript and eval it
Attack narrative
When a user opens the packaged leaderboard page, assets/js/leaderboard.js fetches a mutable JavaScript file from raw.githubusercontent.com and passes the response directly to eval. That lets code outside the npm package execute in the page context without npm review or integrity pinning.
Rationale
Direct source inspection confirms a runtime fetch-and-eval path for remote JavaScript, which is a concrete remote-code execution/staged payload behavior. The absence of install hooks reduces install-time risk but does not neutralize the browser-runtime payload loader shipped in the package.
Evidence
package.json, leaderboard.html, assets/js/leaderboard.js, assets/js/app_functions.js
Network endpoints (2)
raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js
hqlgppguxhqeaonjzinv.supabase.co

Decision evidence

public snapshot
AI called this Malicious at 95.0% confidence as Malware with low false-positive risk.
Evidence for block
  • assets/js/leaderboard.js fetches remote scores.js from raw.githubusercontent.com.
  • assets/js/leaderboard.js immediately evals the fetched text in main().
  • leaderboard.html loads assets/js/leaderboard.js for browser visitors.
  • assets/js/app_functions.js connects to Supabase and loads remote app data into iframes.
  • No npm lifecycle hooks, but malicious behavior is runtime-triggered from packaged web page.
Evidence against
  • package.json has no install/preinstall/postinstall scripts.
  • No child_process, filesystem writes, native binary loading, or AI-agent control-surface writes found.
  • Supabase key is an anon browser key pattern, not evidence of credential theft by itself.
Behavioral surface
Source
Eval, Network
Supply chain
HighEntropyStrings, UrlStrings
Manifest
No manifest risk signals triggered.
scanned 9 file(s), 42.1 KB of source

Source & flagged code

6 flagged
assets/js/app_functions.js
patternName = supabase_service_key severity = critical line = 3 matchedText = "eyJhbGc...w8";
Critical
Critical Secret

Package contains a critical-looking secret pattern.

assets/js/app_functions.js · L3
patternName = supabase_service_key severity = critical line = 3 matchedText = "eyJhbGc...w8";
Critical
Secret Pattern

Supabase service role key (JWT) in assets/js/app_functions.js

assets/js/app_functions.js · L3
assets/js/leaderboard.js
  L36: async function getScores() {
  L37:   let response = await fetch(
  L38:     "https://raw.githubusercontent.com/grapes-os/grapes-os-leaderboard/main/scores.js",
  L39:   );
  L40:   return await response.text(); // is promise for whatever reason
  L41: }
  ...
  L45:   let js_code = await getScores();
  L46:   eval(js_code); // never use eval
  L47: } catch (e) {
Critical
Remote Asset Decode Execute

Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.

assets/js/leaderboard.js · L36
  L45:   let js_code = await getScores();
  L46:   eval(js_code); // never use eval
  L47: } catch (e) {
High
Eval

Package source references dynamic code evaluation.

assets/js/leaderboard.js · L45
matchType = normalized_sha256 matchedPackage = grapes-andrewdingus@1.0.30 matchedPath = assets/js/leaderboard.js matchedIdentity = npm:Z3JhcGVzLWFuZHJld2Rpbmd1cw:1.0.30 similarity = 1.000 summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

assets/js/leaderboard.js
prepare-unpkg.ps1
path = prepare-unpkg.ps1 kind = build_helper sizeBytes = 468 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

prepare-unpkg.ps1

Findings

3 Critical · 2 High · 3 Medium · 2 Low
Critical · Critical Secret · assets/js/app_functions.js
Critical · Remote Asset Decode Execute · assets/js/leaderboard.js
Critical · Secret Pattern · assets/js/app_functions.js
High · Eval · assets/js/leaderboard.js
High · Known Malware Source Similarity · assets/js/leaderboard.js
Medium · Network
Medium · Ships Build Helper · prepare-unpkg.ps1
Medium · Structural Risk Force Deep Review
Low · High Entropy Strings
Low · Url Strings