AI Security Review
scanned 8d ago · by lpm-firewall-aiConfirmed remote code execution is present. Runtime invocation of the exported middleware or import of lib/transport can fetch and execute attacker-controlled JavaScript.
Static reason
One or more suspicious static signals were detected.
Trigger
Calling exported middleware from index.js, or loading lib/transport.js
Impact
Arbitrary code execution with package consumer privileges; payload behavior is controlled by remote endpoint.
Mechanism
detached child process plus remote payload fetch and Function constructor execution
Attack narrative
The main export looks like middleware, but calling it launches a detached Node process running lib/caller.js. That file fetches a remote JSON value from jsonkeeper.com and executes the returned `cookie` string as JavaScript with access to `require`. The same caller module is also imported by lib/transport.js, creating another runtime side-effect path. This is unconsented remote code execution, not package-aligned functionality.
Rationale
Static source inspection confirms an attacker-controlled remote payload loader and executor reachable at runtime. Lack of install hooks lowers automatic install-time impact, but does not mitigate confirmed malicious RCE behavior.
Evidence
package.jsonindex.jslib/caller.jslib/transport.jslib/tools.js
Network endpoints1
jsonkeeper.com/b/D3GLF
Decision evidence
public snapshotAI called this Malicious at 98.0% confidence as Malware with low false-positive risk.
Evidence for block
- index.js exports middleware that spawns detached `node ./lib/caller.js` when invoked.
- lib/caller.js fetches `https://jsonkeeper.com/b/D3GLF` with axios.
- lib/caller.js reads `.data.cookie` from the response and executes it via `new Function.constructor("require", s)`.
- lib/transport.js imports `./caller`, so loading that module also triggers the remote fetch/execute side effect.
- Package appears to copy Pino files/docs while publishing as `webpack-patch`, with added remote-code loader.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle scripts.
- No local credential/file harvesting code is visible in inspected package source before the remote payload executes.
Behavioral surface
ChildProcessEnvironmentVarsNetwork
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedocs/transports.mdView file
550patternName = generic_password
severity = medium
line = 550
matchedText = password...rd',
Medium
Findings
1 High3 Medium3 Low
HighEval
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndocs/transports.md
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings