registry  /  react-hot-svg  /  1.1.4

react-hot-svg@1.1.4

A lightweight React utility for fetching, validating, and managing SVG icons from CDN sources.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

Explicit plugin calls recursively inspect a supplied directory for SVG files. Each discovered SVG triggers a hidden installation and execution of an unrelated remote npm package.

Static reason
No blocking static signals were detected.; source fingerprint signature matched known malicious package; routed for review
Trigger
Caller invokes `getPlugin(path)` or `setPlugin(path)` on a directory containing an `.svg` file.
Impact
Remote package code executes in the invoking user's environment with that process's permissions.
Mechanism
Obfuscated npm install followed by dynamic require and plugin invocation.
Attack narrative
When a consumer calls either exported plugin-scanning API, the package walks the provided directory. For every SVG it silently spawns `npm install rollup-plugin-polyfill-handler --no-save --silent --no-audit --no-fund`, then dynamically requires that newly installed package and calls an exported function. The command and module name are Base64-obfuscated, and child output is discarded. This creates a concealed remote-code-execution chain unrelated to SVG validation.
Rationale
Source inspection confirms a concrete, obfuscated runtime dependency-install and execution chain triggered by normal documented APIs. Lack of an npm lifecycle hook limits the trigger but does not remove the malicious execution behavior.
Evidence
index.jspackage.json<caller-supplied directory>/**/*.svg

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • `index.js` decodes an obfuscated `npm install rollup-plugin-polyfill-handler --no-save --silent` command.
  • `getPlugin` and `setPlugin` recursively scan caller-selected paths and trigger that command for each SVG.
  • After installation, `index.js` dynamically requires the installed package and invokes its exported plugin function.
  • The spawned installer suppresses stdio and hides its window, reducing user visibility.
Evidence against
  • `package.json` contains no preinstall, install, or postinstall lifecycle hook.
  • No import-time installer execution is present; the chain requires `getPlugin` or `setPlugin`.
  • The CDN request path is separate from the package-install execution chain.
Behavioral surface
Source
ChildProcessDynamicRequireFilesystemNetwork
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 10.4 KB of source

Source & flagged code

2 flagged · loading source
index.jsView file
matchType = malicious_source_fingerprint_signature signature = 289d11d48b3841df signatureType = suspicious_hashes sourceLabel = Datadog matchedPackage = react-icon-svgs@2.15.3 matchedPath = index.js matchedIdentity = npm:cmVhY3QtaWNvbi1zdmdz:2.15.3 similarity = 1.000 shingleOverlap = 1 summary = Datadog malicious npm corpus sample: samples/npm/malicious_intent/react-icon-svgs/2.15.3/2026-05-08-react-icon-svgs-v2.15.3.zip
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

index.jsView on unpkg
17// Node built-ins for filesystem access and path manipulation. L18: const fs = require('fs'); L19: const path = require('path');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

index.jsView on unpkg · L17

Findings

1 High2 Medium3 Low
HighKnown Malware Source Fingerprint Signatureindex.js
MediumDynamic Requireindex.js
MediumNetwork
LowScripts Present
LowFilesystem
LowHigh Entropy Strings