Secure your dependencies. Ship with confidence.

This code is malicious or at minimum intentionally dangerous. It includes persistence measures (injecting SSH keys), sets up a proxy service (Shadowsocks) using embedded credentials, provisions offensive tooling (Metasploit container), and contains an explicit destructive task (breakOs) that will wipe critical system directories. The module provides unfettered remote command execution and file upload capabilities. Do not run this code on any system you care about; consider it hostile and remove or quarantine it.

The code snippet contains a fetch request to a potentially suspicious domain, which could indicate unauthorized data transmission or communication with a malicious server. The lack of obfuscation suggests the code is not intentionally hidden, but the use of the 'oast.fun' domain warrants further investigation.

Live on npm for 13 days, 9 hours and 10 minutes before removal. Socket users were protected even while the package was live.

The code implements a client-side tracking system that collects and encrypts user interaction and device data, sending it to a hardcoded private IP address. The use of static cryptographic keys and secrets, combined with silent data exfiltration, constitutes a moderate to high security risk and potential privacy violation. While no explicit malware such as backdoors or system damage is present, the behavior aligns with spyware or covert telemetry. Users should be warned about privacy implications, and the package should be treated as suspicious in software supply chains.

This file is a standard pure-Python pickle implementation (fallback when _pickle C extension is unavailable). It does not itself contain network exfiltration, hidden backdoors, hard-coded secrets, or obfuscation beyond normal Python constructs. The main security risk is the well-known, by-design capability of pickle to execute arbitrary code when deserializing crafted input: dynamic imports, attribute lookup, function/class invocation, and __setstate__ are all present and able to run attacker-controlled code. Use only with trusted data; treat unpickling as a strong security boundary. No additional malicious indicators were found in this file.

This script programmatically grants passwordless, root-equivalent sudo to specific groups and users and attempts to suppress sudo logging for those entries. Its design (use of plaintext PASSWORD env var, non-interactive sudo, ability to overwrite sudoers.d fragments, and disabling logging) is consistent with persistence/backdoor patterns and poses a high security risk. Treat the code as dangerous: do not run on production or sensitive hosts. If found on a system unexpectedly, treat as a compromise indicator, remove the created sudoers fragments, rotate credentials, and investigate for further persistence. Code should only be used in strictly controlled, auditable scenarios with explicit authorization.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

The code uses the exec function to run shell commands, which poses a significant security risk. It could potentially execute malicious code if the input to exec is manipulated. Redirecting output to /dev/null to hide execution details is suspicious.

Live on npm for 12 minutes before removal. Socket users were protected even while the package was live.

This index file is not itself executing malicious actions, but it exposes functions whose names and module placement strongly indicate credential harvesting, exfiltration, automation, and remote control capabilities implemented in other files. The package should be considered high-risk until the referenced implementation modules are analyzed; do not use in production or on sensitive hosts without review. Immediate action: inspect the lib/*.js files listed and block/sandbox the package if review cannot be completed.

This module contains explicit data-exfiltration behavior: a plaintext Telegram bot token and an unconditional upload of a specific local file to a remote Telegram chat when executed. In a repository or dependency this constitutes a high-risk backdoor and credential leak. Treat as malicious/unsafe for reuse in packages; revoke the token and remove or modify the code to require explicit, authenticated configuration before any network file transfer.

This installer creates a persistent reverse SSH tunnel to a hardcoded remote host (jet@hq.vyomos.org) using a private key saved to disk and disables SSH host key checking. Combined with automatic systemd service creation and persistent restart, this behaves like a backdoor/persistent remote access mechanism. The module also performs privileged package installs and writes persistent system configuration. If the remote endpoint is not fully trusted and the operator did not explicitly consent, running this on production or sensitive systems is high risk. Recommend not executing this installer without vendor verification, removing or requiring explicit confirmation for reverse SSH setup, and replacing hardcoded endpoints/disabled host verification with operator-controlled, audited configuration.

The script collects various system and package information, such as hostname, home directory, and DNS servers, and sends it to a remote server.

Live on npm for 4 hours and 53 minutes before removal. Socket users were protected even while the package was live.

The code presents a moderate to high security risk due to the potential obfuscation, error handling, and low-level memory manipulation. Caution should be exercised when using this code.

This module is a wrapper for Seisan seismic tools and a formatter for STATION0.HYP files. It performs numerous system-level operations: downloading and extracting external software, installing system packages via apt-get with sudo, copying a packaged lib into /usr/lib, and executing external Seisan binaries via pexpect/subprocess. There is no clear code that exfiltrates secrets or establishes backdoors, but the lack of integrity checks on downloads, the requirement for root operations, and frequent shell command usage create substantial supply-chain and privilege escalation risk. Use in environments where the package or its downloaded content could be tampered with is dangerous. Recommend not running download_seisan() with sudo on production hosts and reviewing/locking sources, adding checksum verification, and avoiding copying bundled libraries into system paths.

This module performs unsolicited collection of host identifying information (uname -a) and exfiltrates it, with a timestamp, to a hardcoded external IP over plaintext HTTP immediately on module load. The behavior fits likely malicious telemetry/backdoor patterns. Do not use this package in trusted supply chains; remove and audit any systems that have imported it.

The code presents significant security risks due to automatic updates without user consent, potential arbitrary code execution, and reliance on an external API. These behaviors could lead to malicious activities if the external API is compromised. Caution is advised when using this code.

The package contains a post-installation script that automatically executes a curl command. This script gathers sensitive system information — including the public IP address, hostname, username, current working directory, operating system details, and environment variables — and sends it via a POST request to an external server (e.g., https://example.com). This behavior is indicative of data exfiltration, representing a significant security risk as it can lead to unauthorized access and misuse of system data.

Live on npm for 12 days, 20 hours and 34 minutes before removal. Socket users were protected even while the package was live.

This module implements a flexible plugin/agent/tool execution model that intentionally executes Python code loaded from package or user directories. That design is dangerous because it permits arbitrary code execution via exec() when plugins, agents, or tools are loaded from untrusted locations. There are additional risky behaviors: shell execution for editing configuration, writing generated system messages to disk, and populating API keys from .env which are then used when contacting external AI backends. I found no clear, direct backdoor or network-exfiltration payload hardcoded in this fragment, but the dynamic exec/exec-of-file pattern and the user-writable plugin directories create a significant supply-chain/security risk. Recommend treating any plugins/tools/agents as untrusted, auditing their contents, running with least privilege, disabling loading from user directories unless necessary, and avoiding setting DEFAULT_TEXT_EDITOR to untrusted values. The code also appears partially corrupted/truncated in places, increasing uncertainty and warranting caution.

The code snippet performs a network operation that sends environment variables to an external server, which is suspicious and constitutes a potential privacy violation or data exfiltration risk. While the code is not obfuscated and does not contain direct malware behaviors, the unauthorized transmission of environment data to an unknown domain is a significant security concern. This behavior warrants a moderate to high security risk and malware suspicion score.

The reports are inadequate and do not provide any meaningful insights into the security of the open source dependency. There is no evidence of malicious intent, obfuscation, or security risks in the code based on the reports.

Live on npm for 25 minutes before removal. Socket users were protected even while the package was live.

This is malicious tracking malware that systematically steals browser storage data and transmits it to external domains using sophisticated fallback mechanisms and obfuscation techniques. The code is designed to evade detection while ensuring successful data exfiltration.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

The fragment demonstrates unusual and potentially dangerous behavior: it reads contract code and uses Hardhat-specific tooling to overwrite code at a fixed address, then configures that injected contract with an external hyperCoreWrite value. This creates a plausible backdoor-like pathway or at least a perception of code tampering within a repository. In normal production code, such setCode usage and fixed-address code injection would be inappropriate and should be removed or guarded behind explicit test-only guards. Further review of intent, test harness context, and access controls is recommended before trusting or publishing this code in a public package.

This script poses a high security risk as it is downloading and executing a shell script from an external source. The contents of the script should be thoroughly inspected to ensure it is not malicious.

Live on npm for 15 days, 10 hours and 28 minutes before removal. Socket users were protected even while the package was live.

The provided code contains a covert data-exfiltration routine: it collects local identifiers and the machine's public IP, encodes them into a subdomain and performs a DNS resolution to an externally controlled domain (gfde.site). The exfiltration logic is obfuscated (hex-encoded strings/modules), runs automatically, and is unrelated to the exported utility functions. This behavior is malicious in a software supply-chain context. Remove or isolate this code and consider the package compromised.

This code is malicious or at minimum intentionally dangerous. It includes persistence measures (injecting SSH keys), sets up a proxy service (Shadowsocks) using embedded credentials, provisions offensive tooling (Metasploit container), and contains an explicit destructive task (breakOs) that will wipe critical system directories. The module provides unfettered remote command execution and file upload capabilities. Do not run this code on any system you care about; consider it hostile and remove or quarantine it.

The code snippet contains a fetch request to a potentially suspicious domain, which could indicate unauthorized data transmission or communication with a malicious server. The lack of obfuscation suggests the code is not intentionally hidden, but the use of the 'oast.fun' domain warrants further investigation.

Live on npm for 13 days, 9 hours and 10 minutes before removal. Socket users were protected even while the package was live.

The code implements a client-side tracking system that collects and encrypts user interaction and device data, sending it to a hardcoded private IP address. The use of static cryptographic keys and secrets, combined with silent data exfiltration, constitutes a moderate to high security risk and potential privacy violation. While no explicit malware such as backdoors or system damage is present, the behavior aligns with spyware or covert telemetry. Users should be warned about privacy implications, and the package should be treated as suspicious in software supply chains.

This file is a standard pure-Python pickle implementation (fallback when _pickle C extension is unavailable). It does not itself contain network exfiltration, hidden backdoors, hard-coded secrets, or obfuscation beyond normal Python constructs. The main security risk is the well-known, by-design capability of pickle to execute arbitrary code when deserializing crafted input: dynamic imports, attribute lookup, function/class invocation, and __setstate__ are all present and able to run attacker-controlled code. Use only with trusted data; treat unpickling as a strong security boundary. No additional malicious indicators were found in this file.

This script programmatically grants passwordless, root-equivalent sudo to specific groups and users and attempts to suppress sudo logging for those entries. Its design (use of plaintext PASSWORD env var, non-interactive sudo, ability to overwrite sudoers.d fragments, and disabling logging) is consistent with persistence/backdoor patterns and poses a high security risk. Treat the code as dangerous: do not run on production or sensitive hosts. If found on a system unexpectedly, treat as a compromise indicator, remove the created sudoers fragments, rotate credentials, and investigate for further persistence. Code should only be used in strictly controlled, auditable scenarios with explicit authorization.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

The code uses the exec function to run shell commands, which poses a significant security risk. It could potentially execute malicious code if the input to exec is manipulated. Redirecting output to /dev/null to hide execution details is suspicious.

Live on npm for 12 minutes before removal. Socket users were protected even while the package was live.

This index file is not itself executing malicious actions, but it exposes functions whose names and module placement strongly indicate credential harvesting, exfiltration, automation, and remote control capabilities implemented in other files. The package should be considered high-risk until the referenced implementation modules are analyzed; do not use in production or on sensitive hosts without review. Immediate action: inspect the lib/*.js files listed and block/sandbox the package if review cannot be completed.

This module contains explicit data-exfiltration behavior: a plaintext Telegram bot token and an unconditional upload of a specific local file to a remote Telegram chat when executed. In a repository or dependency this constitutes a high-risk backdoor and credential leak. Treat as malicious/unsafe for reuse in packages; revoke the token and remove or modify the code to require explicit, authenticated configuration before any network file transfer.

This installer creates a persistent reverse SSH tunnel to a hardcoded remote host (jet@hq.vyomos.org) using a private key saved to disk and disables SSH host key checking. Combined with automatic systemd service creation and persistent restart, this behaves like a backdoor/persistent remote access mechanism. The module also performs privileged package installs and writes persistent system configuration. If the remote endpoint is not fully trusted and the operator did not explicitly consent, running this on production or sensitive systems is high risk. Recommend not executing this installer without vendor verification, removing or requiring explicit confirmation for reverse SSH setup, and replacing hardcoded endpoints/disabled host verification with operator-controlled, audited configuration.

The script collects various system and package information, such as hostname, home directory, and DNS servers, and sends it to a remote server.

Live on npm for 4 hours and 53 minutes before removal. Socket users were protected even while the package was live.

The code presents a moderate to high security risk due to the potential obfuscation, error handling, and low-level memory manipulation. Caution should be exercised when using this code.

This module is a wrapper for Seisan seismic tools and a formatter for STATION0.HYP files. It performs numerous system-level operations: downloading and extracting external software, installing system packages via apt-get with sudo, copying a packaged lib into /usr/lib, and executing external Seisan binaries via pexpect/subprocess. There is no clear code that exfiltrates secrets or establishes backdoors, but the lack of integrity checks on downloads, the requirement for root operations, and frequent shell command usage create substantial supply-chain and privilege escalation risk. Use in environments where the package or its downloaded content could be tampered with is dangerous. Recommend not running download_seisan() with sudo on production hosts and reviewing/locking sources, adding checksum verification, and avoiding copying bundled libraries into system paths.

This module performs unsolicited collection of host identifying information (uname -a) and exfiltrates it, with a timestamp, to a hardcoded external IP over plaintext HTTP immediately on module load. The behavior fits likely malicious telemetry/backdoor patterns. Do not use this package in trusted supply chains; remove and audit any systems that have imported it.

The code presents significant security risks due to automatic updates without user consent, potential arbitrary code execution, and reliance on an external API. These behaviors could lead to malicious activities if the external API is compromised. Caution is advised when using this code.

The package contains a post-installation script that automatically executes a curl command. This script gathers sensitive system information — including the public IP address, hostname, username, current working directory, operating system details, and environment variables — and sends it via a POST request to an external server (e.g., https://example.com). This behavior is indicative of data exfiltration, representing a significant security risk as it can lead to unauthorized access and misuse of system data.

Live on npm for 12 days, 20 hours and 34 minutes before removal. Socket users were protected even while the package was live.

This module implements a flexible plugin/agent/tool execution model that intentionally executes Python code loaded from package or user directories. That design is dangerous because it permits arbitrary code execution via exec() when plugins, agents, or tools are loaded from untrusted locations. There are additional risky behaviors: shell execution for editing configuration, writing generated system messages to disk, and populating API keys from .env which are then used when contacting external AI backends. I found no clear, direct backdoor or network-exfiltration payload hardcoded in this fragment, but the dynamic exec/exec-of-file pattern and the user-writable plugin directories create a significant supply-chain/security risk. Recommend treating any plugins/tools/agents as untrusted, auditing their contents, running with least privilege, disabling loading from user directories unless necessary, and avoiding setting DEFAULT_TEXT_EDITOR to untrusted values. The code also appears partially corrupted/truncated in places, increasing uncertainty and warranting caution.

The code snippet performs a network operation that sends environment variables to an external server, which is suspicious and constitutes a potential privacy violation or data exfiltration risk. While the code is not obfuscated and does not contain direct malware behaviors, the unauthorized transmission of environment data to an unknown domain is a significant security concern. This behavior warrants a moderate to high security risk and malware suspicion score.

The reports are inadequate and do not provide any meaningful insights into the security of the open source dependency. There is no evidence of malicious intent, obfuscation, or security risks in the code based on the reports.

Live on npm for 25 minutes before removal. Socket users were protected even while the package was live.

This is malicious tracking malware that systematically steals browser storage data and transmits it to external domains using sophisticated fallback mechanisms and obfuscation techniques. The code is designed to evade detection while ensuring successful data exfiltration.

This code is malicious in intent: it automates fraudulent interaction with a banking website, contains hardcoded sensitive credentials, evades automation detection, prompts an operator to supply OTPs (social-engineering), performs money transfers, and persists session state to disk for reuse. It should be treated as a tool for account takeover and financial theft. Do not run it; remove any storage_state files and investigate systems where it executed. The snippet also contains syntax errors and is incomplete, but those do not mitigate the clearly malicious purpose.

The fragment demonstrates unusual and potentially dangerous behavior: it reads contract code and uses Hardhat-specific tooling to overwrite code at a fixed address, then configures that injected contract with an external hyperCoreWrite value. This creates a plausible backdoor-like pathway or at least a perception of code tampering within a repository. In normal production code, such setCode usage and fixed-address code injection would be inappropriate and should be removed or guarded behind explicit test-only guards. Further review of intent, test harness context, and access controls is recommended before trusting or publishing this code in a public package.

This script poses a high security risk as it is downloading and executing a shell script from an external source. The contents of the script should be thoroughly inspected to ensure it is not malicious.

Live on npm for 15 days, 10 hours and 28 minutes before removal. Socket users were protected even while the package was live.

The provided code contains a covert data-exfiltration routine: it collects local identifiers and the machine's public IP, encodes them into a subdomain and performs a DNS resolution to an externally controlled domain (gfde.site). The exfiltration logic is obfuscated (hex-encoded strings/modules), runs automatically, and is unrelated to the exported utility functions. This behavior is malicious in a software supply-chain context. Remove or isolate this code and consider the package compromised.