socket-function@1.1.48

Static Scan Results

scanned 23h ago · by rust-scanner

Static analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, Crypto, DynamicRequire, EnvironmentVars, Eval, Filesystem, Network, Shell, WebSocket
Supply chain: HighEntropyStrings, Minified, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 59 file(s), 671 KB of source, external domains: api.ipify.org, ipinfo.io, quentinbrooks.com, schemas.xmlsoap.org

Source & flagged code

4 flagged

require/require.ts
L213: let requireBatch: { [request: string]: (() => void)[] } | undefined;
L214: function rootRequire(request: string, batch?: boolean): unknown {
L215: if (request.includes("file://")) {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

require/require.ts · L213

L378: debugger;
L379: eval(modules[""].source || "");
L380: throw new Error(`Failed to find modules for ${originalRequests.join(", ")} (mapped to ${requests.join(", ")})`);
Low
Eval

Package source references a known benign dynamic code generation pattern.

require/require.ts · L378

src/JSONLACKS/JSONLACKS.ts
L60: let str = serialized.slice(i, i + SERIALIZE_OBJECT_BATCH_COUNT).map(x => JSON.stringify(x) + "\n").join("");
L61: buffers.push(Buffer.from(str));
L62: await delay("immediate");
...
L170:
L171: private static escapeSpecialObjects(obj: unknown, config?: JSONLACKS_StringifyConfig): unknown {
L172: // I think iterating twice for references is the fastest way to do it?
...
L232: [JSONLACKS.LACKS_KEY]: "Buffer",
L233: data: obj.toString("base64"),
L234: };
...
L410:
L411: var grammar = fs.readFileSync(__dirname + "/JSONLACKS.pegjs", "utf8");
L412: var parserSource = pegjs.generate(grammar, { output: "source", format: "commonjs" });
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

src/JSONLACKS/JSONLACKS.ts · L60

src/lz4/lz4_wasm_nodejs_bg.wasm
path = src/lz4/lz4_wasm_nodejs_bg.wasm
kind = wasm_module
sizeBytes = 65293
magicHex = [redacted]
Medium
Ships Wasm Module

Package ships WebAssembly modules.

Findings

1 High · 5 Medium · 6 Low

High · Obfuscated Payload Loader · src/JSONLACKS/JSONLACKS.ts
Medium · Dynamic Require · require/require.ts
Medium · Network
Medium · Environment Vars
Medium · Ships Wasm Module · src/lz4/lz4_wasm_nodejs_bg.wasm
Medium · Structural Risk Force Deep Review
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Eval · require/require.ts
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings