registry  /  type-atob  /  3.3.7

type-atob@3.3.7

This document describes the management of vulnerabilities for the project and all modules within the organization.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Calling exported middleware launches a detached child process. It downloads and dynamically executes remote JavaScript with Node module access.

Static reason
One or more suspicious static signals were detected.; source fingerprint signature matched known malicious package; routed for review
Trigger
Consumer calls the exported middleware function.
Impact
Remote operator can execute arbitrary code as the consuming application user.
Mechanism
Detached remote-payload download and dynamic code execution.
Attack narrative
`index.js` spawns detached `node lib/caller.js` with ignored stdio whenever the exported middleware is invoked. `lib/caller.js` requests a remote URL with a fixed header, reads `data.cookie`, compiles it with `new Function.constructor("require", s)`, and invokes it with Node's `require`. The server therefore controls executable code in the consuming application's context.
Rationale
This is a concrete remote-code-execution chain unrelated to the declared package purpose. It is runtime-triggered rather than lifecycle-triggered, but remains malicious.
Evidence
package.jsonindex.jslib/caller.js
Network endpoints1
json.extendsclass.com/bin/49b93b00acf1

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • `index.js` launches detached `lib/caller.js` on middleware use.
  • `lib/caller.js` fetches a remote payload with Axios.
  • Remote `data.cookie` is executed via `Function.constructor`.
  • Payload receives Node `require`, enabling arbitrary local code execution.
Evidence against
  • `package.json` has no npm lifecycle hooks.
  • No AI-agent configuration mutation found in inspected files.
Behavioral surface
Source
ChildProcessEnvironmentVarsNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 17 file(s), 52.4 KB of source, external domains: github.com, json.extendsclass.com

Source & flagged code

2 flagged · loading source
index.jsView file
matchType = malicious_source_fingerprint_signature signature = 2ad508fc9ea2882e signatureType = suspicious_hashes sourceLabel = final_verdict:malicious matchedPackage = type-elint@3.3.7 matchedPath = index.js matchedIdentity = npm:dHlwZS1lbGludA:3.3.7 similarity = 1.000 shingleOverlap = 12 summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

index.jsView on unpkg
docs/transports.mdView file
550patternName = generic_password severity = medium line = 550 matchedText = password...rd',
Medium
Secret Pattern

Hardcoded password in docs/transports.md

docs/transports.mdView on unpkg · L550

Findings

2 High3 Medium3 Low
HighEval
HighKnown Malware Source Fingerprint Signatureindex.js
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndocs/transports.md
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings