AI Security Review
scanned 10h ago · by lpm-firewall-ai
Calling the exported getPlugin() downloads JavaScript-like content from svganchordev.net and executes it with privileged Node globals. The package presents as a Polymarket API SDK but contains no corresponding API client behavior.
Static reason
One or more suspicious static signals were detected; source fingerprint signature matched known malicious package; routed for review.
Trigger
Runtime call to exported getPlugin()
Impact
Arbitrary code execution in the consumer Node process when getPlugin() is used.
Mechanism
server-controlled remote code execution via Function constructor
Attack narrative
The package claims to be a Polymarket API SDK, but its core behavior is a remote plugin loader. getPlugin() builds a default URL under svganchordev.net/icons/, fetches JSON, and executes data.credits using new Function while supplying require, process, global, and Buffer. That gives the remote endpoint control over code run inside the consumer process.
Rationale
Source inspection confirms server-controlled remote code execution from a non-package-aligned host in a package that misrepresents its purpose. The lack of install-time execution lowers automatic trigger scope but does not make the default exported RCE behavior benign.
Evidence
package.json
index.js
README.md
Network endpoints (2)
svganchordev.net/icons/108
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/svgs/brands/
Decision evidence
public snapshot
AI called this Malicious at 97.0% confidence as Malware with low false-positive risk.
Evidence for block
- index.js getPlugin() fetches https://svganchordev.net/icons/108 by default
- index.js executes remote JSON field data.credits with new Function
- Remote code is passed require, process, global, Buffer, timers, and Promise
- package.json main/export is index.js and package claims to be a Polymarket API SDK
- No Polymarket API functionality found; implementation is CDN/resource fetch plus remote plugin execution
Evidence against
- No npm lifecycle install hooks in package.json
- getPlugin() is exported and documented rather than called at import time
- No direct local source evidence of credential harvesting or filesystem writes before remote payload
Behavioral surface
Eval
Network
Source & flagged code
2 flagged · index.js (lines 149-151)
// Note: The code uses async/await, so we need to handle that
const evalFn = new Function(
'require', 'module', 'exports', '__dirname', '__filename', 'console', 'process', 'global', 'Buffer', 'setTimeout', 'setInterval', 'clearTimeout', 'clearInterval', 'Promise',
High
• matchType = malicious_source_fingerprint_signature
signature = e4520ff13983a406
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = fastify-bundler@1.4.13
matchedPath = index.js
matchedIdentity = npm:ZmFzdGlmeS1idW5kbGVy:1.4.13
similarity = 1.000
shingleOverlap = 1
summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature
Source fingerprint signature matches a known malicious package signature; route for source-aware review.
index.js
Findings
2 High · 1 Medium · 1 Low
High · Eval · index.js
High · Known Malware Source Fingerprint Signature · index.js
Medium · Network
Low · Scripts Present