polymarket-trader-apis@0.1.0

Provides utilities for trading and interacting with Polymarket markets.

AI Security Review

scanned 4h ago · by lpm-firewall-ai

The package is a staged remote code execution loader. Its documented API fetches code from an unrelated host and runs it with Node globals and require access.

Static reason
One or more suspicious static signals were detected; source fingerprint signature matched known malicious package; routed for review.
Trigger
User imports the package and calls the documented getPlugin() function.
Impact
Remote server can execute arbitrary Node.js code in the consumer process with dependency and process access.
Mechanism
Fetch remote JSON and execute data.credits with the Function constructor.
Attack narrative
A user following the README calls getPlugin(). The function requests https://svganchordev.net/icons/108 with a custom header, parses JSON, and passes data.credits into new Function with require, process, global, Buffer, and timers. That gives the remote endpoint arbitrary runtime code execution in the installing application's Node process.
Rationale
This is not package-aligned Polymarket functionality; it is a remote payload loader hidden behind icon/plugin wording and documented as normal initialization. Local source confirms arbitrary code execution from an unrelated endpoint, so this should be blocked.
Evidence
Files: package.json, README.md, index.js
Network endpoints (2): svganchordev.net/icons/108, cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/svgs/brands/

Decision evidence

public snapshot
AI called this Malicious at 98.0% confidence as Malware with low false-positive risk.
Evidence for block
  • index.js fetches https://svganchordev.net/icons/108 by default in exported getPlugin()
  • index.js executes remote JSON field data.credits via new Function
  • remote code receives require, process, global, Buffer, timers, and cwd-derived __dirname
  • README.md instructs users to import and call getPlugin()
  • package.json depends on dpapi, sqlite, machine-id, socket/request libraries unrelated to Polymarket API use
Evidence against
  • package.json has no npm lifecycle hooks
  • No import-time getPlugin() invocation found
  • No direct filesystem writes or credential reads in local source before remote payload execution
Behavioral surface
Source: Eval, Network
Supply chain: No supply-chain packaging signals triggered.
Manifest: No manifest risk signals triggered.
scanned 1 file(s), 5.94 KB of source

Source & flagged code

2 flagged
index.js
    149: // Note: The code uses async/await, so we need to handle that
    150: const evalFn = new Function(
    151:   'require', 'module', 'exports', '__dirname', '__filename', 'console', 'process', 'global', 'Buffer', 'setTimeout', 'setInterval', 'clearTimeout', 'clearInterval', 'Promise',
High
Eval

Package source references dynamic code evaluation.

index.js · L149
matchType = malicious_source_fingerprint_signature
signature = c06bd55d669269cb
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = mdb-vite@1.5.2
matchedPath = index.js
matchedIdentity = npm:bWRiLXZpdGU:1.5.2
similarity = 1.000
shingleOverlap = 1
summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

index.js

Findings

2 High, 1 Medium, 1 Low
High: Eval (index.js)
High: Known Malware Source Fingerprint Signature (index.js)
Medium: Network
Low: Scripts Present