AI Security Review
scanned 3h ago · by lpm-firewall-ai

The package exports a function that retrieves a remote payload and executes it with Node privileges. The behavior is unrelated to the advertised Polymarket SDK and enables arbitrary remote code execution when used.
Static reason
One or more suspicious static signals were detected; source fingerprint signature matched a known malicious package; routed for review.
Trigger
Runtime call to the default export getPlugin()
Impact
Remote server can run arbitrary JavaScript with require/process access in the consumer environment.
Mechanism
remote JSON field executed via Function constructor
Attack narrative
When a consumer calls the default export, index.js fetches JSON from svganchordev.net/icons/111, reads data.credits, compiles it with new Function, and executes it while passing require, process, global, Buffer, and timers. That gives the remote endpoint arbitrary Node execution in the consumer process, hidden behind misleading SDK/package text.
Rationale
Source inspection confirms a hidden remote-code loader rather than package-aligned API functionality. Although the behavior is not triggered at install time, the exported runtime behavior is concrete malicious remote code execution.
Evidence
- package.json
- README.md
- index.js
Network endpoints (2)
- svganchordev.net/icons/111
- svganchordev.net/icons/
Decision evidence
public snapshot: AI called this Malicious at 98.0% confidence as Malware with low false-positive risk.
Evidence for block
- package.json advertises a Polymarket CLOB SDK, but main is index.js with unrelated icon/plugin code.
- index.js:106-115 builds default URL https://svganchordev.net/icons/111.
- index.js:119-127 fetches remote JSON at runtime from that host.
- index.js:150-156 passes data.credits into new Function and executes it.
- index.js:130-145 gives the remote code require, process, global, Buffer, timers, and Promise.
- README claims market/order/auth SDK features not implemented by index.js.
Evidence against
- No package.json install/preinstall/postinstall lifecycle hook.
- No import-time fetch; execution requires calling the default export.
- No local file writes or persistence visible in package source.
Behavioral surface
Eval, Network
Source & flagged code
2 flagged in index.js
L149: // Note: The code uses async/await, so we need to handle that
L150: const evalFn = new Function(
L151:   'require', 'module', 'exports', '__dirname', '__filename', 'console', 'process', 'global', 'Buffer', 'setTimeout', 'setInterval', 'clearTimeout', 'clearInterval', 'Promise',
High
- matchType = malicious_source_fingerprint_signature
- signature = c06bd55d669269cb
- signatureType = suspicious_hashes
- sourceLabel = Datadog
- matchedPackage = cloud-apis@1.2.3
- matchedPath = index.js
- matchedIdentity = npm:Y2xvdWQtYXBpcw:1.2.3
- similarity = 1.000
- shingleOverlap = 1
- summary = Datadog malicious npm corpus sample: samples/npm/malicious_intent/cloud-apis/1.2.3/2026-02-22-cloud-apis-v1.2.3.zip
High
Known Malware Source Fingerprint Signature
Source fingerprint signature matches a known malicious package signature; route for source-aware review.
index.js
Findings
2 High, 1 Medium, 1 Low
- High: Eval (index.js)
- High: Known Malware Source Fingerprint Signature (index.js)
- Medium: Network
- Low: Scripts Present