Secure your dependencies. Ship with confidence.

This module makes a curl request to a remote server. The purpose of this request is unclear and could be used for malicious purposes.

Live on npm for 6 minutes before removal. Socket users were protected even while the package was live.

The module implements a robust token caching and retrieval mechanism with prudent filesystem permissions and input validation. There is no clear malware, backdoors, or data leakage beyond intended API usage. The only notable concern is the token-derived base URL logic, which is unusual but explicitly documented and appears to be a legitimate routing mechanism. Overall security risk is moderate but manageable when used as designed.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

The code is highly suspicious and has a strong likelihood of being used for malicious activities such as data theft or unauthorized tracking. The collection and transmission of sensitive system and user data, combined with the suspicious server, lack of user consent or notification, and poor error handling all contribute to this conclusion.

Live on npm for 20 days and 5 hours before removal. Socket users were protected even while the package was live.

This code implements an unauthenticated HTTP control surface for a viewer object that accepts arbitrary commands from request paths and bodies, dynamically looks up and calls attributes on internal objects, loads JSON from requests and triggers callbacks, and serves local files. These behaviors make it high risk for supply-chain or runtime compromise: untrusted clients can invoke methods and mutate state which could lead to data exfiltration, filesystem access, or other damaging actions depending on the viewer's API. It should not be exposed to untrusted networks or used without strict authentication/authorization and input validation.

Live on pypi for 1 hour and 2 minutes before removal. Socket users were protected even while the package was live.

This code performs unauthenticated download of Python code from a hardcoded CDN and immediately executes it via dynamically constructed exec/import calls. That behavior is a direct remote code execution supply-chain risk. The lack of integrity checks, absence of input sanitization, use of exec() with untrusted values, and immediate execution of arbitrary package code make this package manager unsafe for production use. Treat this as a high security risk; do not run in environments with sensitive data or privileges. Recommend redesign: remove exec(), validate and sanitize package names, require cryptographic signatures / checksums, enforce sandboxing or manual review before execution, and add robust error handling and logging.

This skill is an instructional lab-playbook for configuring and enumerating common network services (HTTP/HTTPS, SNMP, SMB). It is internally consistent with its stated purpose and uses standard OS package managers and tools. However, it deliberately instructs insecure configurations (default SNMP communities, chmod 777 shares, anonymous SMB, using common community strings, and brute-force enumeration) appropriate for isolated training labs but dangerous if applied in production or against unauthorized targets. The presence of offensive tools and explicit steps that cause credential exposure (log parsing, insecure services) increases misuse risk. Overall this is not direct malware, but it is high-risk operational guidance that requires strict constraints (isolated lab, authorization) and explicit warnings; reuse outside those constraints could lead to credential leakage, data exposure, or unauthorized attacks.

The code is designed to collect and send sensitive information to a remote server without the user's knowledge or consent. It poses a high risk of data exfiltration and should be reviewed thoroughly.

Live on npm for 30 minutes before removal. Socket users were protected even while the package was live.

This script is malicious: it harvests cryptocurrency wallet files and seed phrases from a user's home directory, binds them to a machine/user fingerprint, and exfiltrates them to a remote server. Treat this as credential-stealing malware. Remove and block the package, investigate any systems where it ran, and rotate/recover any exposed wallets/keys immediately.

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

This install script collects and sends user, host, process identity and full environment variables to a remote server. That is direct data exfiltration and constitutes malicious/spyware behavior. It can leak credentials, secrets, tokens, or other sensitive configuration present in environment variables and should be treated as high risk — do not run.

The code exhibits several high-risk patterns that could enable covert credential propagation and data leakage, particularly the runtime generation and replacement of tokens across frontend/backend files and the emailing of complete HTTP requests on authentication failure. While some functionality is standard (authentication checks, file uploads, database updates), these anomalous behaviors pose significant security and supply-chain concerns. A thorough security review is recommended, including removing runtime self-modification of code, strengthening password handling (avoid MD5 layering), restricting and auditing error emails, and implementing auditable token lifecycle management without propagating tokens into client-accessible artifacts.

A shell script modifies the SSH server configuration to allow root login without a password, moves an authorized_keys file from a temporary location into the root user’s SSH directory, and attempts to reload SSH. These actions collectively create a high-risk scenario by enabling potential unauthorized root access. No external domains or IP addresses have been observed.

The code contains potentially dangerous functionality: it allows database-controlled filesystem paths to be passed to launchctl load/unload and to be read back by the application without validation or shown authorization. This can enable persistence or privileged actions if an attacker can create/modify Plist records or invoke these methods remotely. There is no evidence of obfuscation or intentional malware, but the design presents a notable supply-chain/privilege risk and should be hardened before use in exposed contexts.

The code exhibits malicious behavior by collecting and sending system information and file content to external servers. It potentially exfiltrates sensitive data and should be treated as a significant security risk.

Live on npm for 3 minutes before removal. Socket users were protected even while the package was live.

The script sends system information to a potentially illegitimate remote server without user consent, making it a security risk and should not be used.

This script is making a request to an external URL which could potentially be used for data exfiltration or to download malicious payloads. It poses a security risk and should be investigated further.

Live on npm for 17 hours and 31 minutes before removal. Socket users were protected even while the package was live.

The codebase centralizes powerful dynamic code execution capabilities without visible sandboxing or strict input validation. When inputs can influence dynamicCode/sCSCode, the host process is exposed to arbitrary code execution, making this a high-severity security risk for any open-source package intended for reuse. To reduce risk, dynamic code execution should be removed or strictly sandboxed, and safer alternatives (predefined expressions, limited scripting, or safe interpreters) should be used. Serialization/deserialization patterns should also be scrutinized and replaced with safer serializers where possible.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

The script is designed to exfiltrate user information and establish a reverse shell, which poses a significant security risk and is classified as malware.

[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]

This snippet is malicious or extremely unsafe: it decodes and executes a hard-coded curl command to a suspicious domain via a shell. Treat as high-risk malware: do not run, remove or isolate the package, and investigate execution contexts where it may have run. Replace with safe, explicit network code with strict validation or remove entirely.

This code contains a dangerous, likely-malicious or at least negligent behavior: it persistently sets the admin account's password to a hardcoded value ('6Z4gu2mG8R') whenever someone authenticates as admin with the default password 'admin'. This is effectively a backdoor or insecure maintenance mechanism and should be removed or replaced with secure migration tooling. Additionally, password derivation uses MD5 (insecure) before apache-crypt — replace with a modern KDF (bcrypt, Argon2, scrypt) and ensure salts and hashing are applied correctly. Do not deploy this code; audit repository history and remove or fix the special-case update and the weak hashing.

This module makes a curl request to a remote server. The purpose of this request is unclear and could be used for malicious purposes.

Live on npm for 6 minutes before removal. Socket users were protected even while the package was live.

The module implements a robust token caching and retrieval mechanism with prudent filesystem permissions and input validation. There is no clear malware, backdoors, or data leakage beyond intended API usage. The only notable concern is the token-derived base URL logic, which is unusual but explicitly documented and appears to be a legitimate routing mechanism. Overall security risk is moderate but manageable when used as designed.

This module is not overtly malicious (no encoded payloads, no external exfiltration, no reverse shell), but it contains high-risk insecure patterns: user-controlled values are directly interpolated into shell command strings and passed to node_utils.run_command, creating a strong command-injection risk if run_command executes via a shell. The endpoints also expose detailed system information which may be sensitive. Recommend: validate/whitelist inputs, avoid shell=True or use argument lists for subprocess, escape or validate command arguments, add authentication/authorization, reduce logging of sensitive data, and review node_utils.run_command implementation. Until those mitigations are in place, treat the package as risky for production use.

The code is highly suspicious and has a strong likelihood of being used for malicious activities such as data theft or unauthorized tracking. The collection and transmission of sensitive system and user data, combined with the suspicious server, lack of user consent or notification, and poor error handling all contribute to this conclusion.

Live on npm for 20 days and 5 hours before removal. Socket users were protected even while the package was live.

This code implements an unauthenticated HTTP control surface for a viewer object that accepts arbitrary commands from request paths and bodies, dynamically looks up and calls attributes on internal objects, loads JSON from requests and triggers callbacks, and serves local files. These behaviors make it high risk for supply-chain or runtime compromise: untrusted clients can invoke methods and mutate state which could lead to data exfiltration, filesystem access, or other damaging actions depending on the viewer's API. It should not be exposed to untrusted networks or used without strict authentication/authorization and input validation.

Live on pypi for 1 hour and 2 minutes before removal. Socket users were protected even while the package was live.

This code performs unauthenticated download of Python code from a hardcoded CDN and immediately executes it via dynamically constructed exec/import calls. That behavior is a direct remote code execution supply-chain risk. The lack of integrity checks, absence of input sanitization, use of exec() with untrusted values, and immediate execution of arbitrary package code make this package manager unsafe for production use. Treat this as a high security risk; do not run in environments with sensitive data or privileges. Recommend redesign: remove exec(), validate and sanitize package names, require cryptographic signatures / checksums, enforce sandboxing or manual review before execution, and add robust error handling and logging.

This skill is an instructional lab-playbook for configuring and enumerating common network services (HTTP/HTTPS, SNMP, SMB). It is internally consistent with its stated purpose and uses standard OS package managers and tools. However, it deliberately instructs insecure configurations (default SNMP communities, chmod 777 shares, anonymous SMB, using common community strings, and brute-force enumeration) appropriate for isolated training labs but dangerous if applied in production or against unauthorized targets. The presence of offensive tools and explicit steps that cause credential exposure (log parsing, insecure services) increases misuse risk. Overall this is not direct malware, but it is high-risk operational guidance that requires strict constraints (isolated lab, authorization) and explicit warnings; reuse outside those constraints could lead to credential leakage, data exposure, or unauthorized attacks.

The code is designed to collect and send sensitive information to a remote server without the user's knowledge or consent. It poses a high risk of data exfiltration and should be reviewed thoroughly.

Live on npm for 30 minutes before removal. Socket users were protected even while the package was live.

This script is malicious: it harvests cryptocurrency wallet files and seed phrases from a user's home directory, binds them to a machine/user fingerprint, and exfiltrates them to a remote server. Treat this as credential-stealing malware. Remove and block the package, investigate any systems where it ran, and rotate/recover any exposed wallets/keys immediately.

The Python module itself is not directly implementing typical malware behaviors, but it creates a high-risk execution surface: it runs local shell scripts (some with sudo) with unvalidated inputs and passes secrets on the command line. The deploy_fdb_from_file_service function contains a command-injection vulnerability (shell=True with joined args) and a coding bug (returncod typo). Recommend: remove shell=True; use argument lists always, avoid passing secrets via argv (use stdin, environment files with proper filesystem permissions, or secured IPC), eliminate unnecessary sudo calls and require callers to provide appropriate privileges if needed, validate/escape inputs (especially file paths), fix the returncod typo, and audit all invoked shell scripts before use. Treat package as risky until mitigations and script audits are performed.

This install script collects and sends user, host, process identity and full environment variables to a remote server. That is direct data exfiltration and constitutes malicious/spyware behavior. It can leak credentials, secrets, tokens, or other sensitive configuration present in environment variables and should be treated as high risk — do not run.

The code exhibits several high-risk patterns that could enable covert credential propagation and data leakage, particularly the runtime generation and replacement of tokens across frontend/backend files and the emailing of complete HTTP requests on authentication failure. While some functionality is standard (authentication checks, file uploads, database updates), these anomalous behaviors pose significant security and supply-chain concerns. A thorough security review is recommended, including removing runtime self-modification of code, strengthening password handling (avoid MD5 layering), restricting and auditing error emails, and implementing auditable token lifecycle management without propagating tokens into client-accessible artifacts.

A shell script modifies the SSH server configuration to allow root login without a password, moves an authorized_keys file from a temporary location into the root user’s SSH directory, and attempts to reload SSH. These actions collectively create a high-risk scenario by enabling potential unauthorized root access. No external domains or IP addresses have been observed.

The code contains potentially dangerous functionality: it allows database-controlled filesystem paths to be passed to launchctl load/unload and to be read back by the application without validation or shown authorization. This can enable persistence or privileged actions if an attacker can create/modify Plist records or invoke these methods remotely. There is no evidence of obfuscation or intentional malware, but the design presents a notable supply-chain/privilege risk and should be hardened before use in exposed contexts.

The code exhibits malicious behavior by collecting and sending system information and file content to external servers. It potentially exfiltrates sensitive data and should be treated as a significant security risk.

Live on npm for 3 minutes before removal. Socket users were protected even while the package was live.

The script sends system information to a potentially illegitimate remote server without user consent, making it a security risk and should not be used.

This script is making a request to an external URL which could potentially be used for data exfiltration or to download malicious payloads. It poses a security risk and should be investigated further.

Live on npm for 17 hours and 31 minutes before removal. Socket users were protected even while the package was live.

The codebase centralizes powerful dynamic code execution capabilities without visible sandboxing or strict input validation. When inputs can influence dynamicCode/sCSCode, the host process is exposed to arbitrary code execution, making this a high-severity security risk for any open-source package intended for reuse. To reduce risk, dynamic code execution should be removed or strictly sandboxed, and safer alternatives (predefined expressions, limited scripting, or safe interpreters) should be used. Serialization/deserialization patterns should also be scrutinized and replaced with safer serializers where possible.

`lotusbail` is a malicious npm package that masquerades as a WhatsApp Web API library by forking legitimate Baileys-based code and preserving working messaging functionality. In addition to normal API behavior, it inserts a wrapper around the WhatsApp WebSocket client so that all traffic passing through the library is duplicated for collection. Reported data theft includes WhatsApp authentication tokens and session keys, full message content (sent/received and historical), contact lists (including phone numbers), and transferred media/files. The package also attempts to establish persistent unauthorized access by hijacking the WhatsApp device-linking (“pairing”) workflow using a hardcoded pairing code, effectively linking an attacker-controlled device to the victim’s account; removing the npm dependency does not automatically remove the linked device. To hinder detection, the exfiltration endpoint is hidden behind multiple obfuscation layers, collected data is encrypted (including a custom RSA implementation), and the code includes anti-debugging traps designed to disrupt analysis.

The script is designed to exfiltrate user information and establish a reverse shell, which poses a significant security risk and is classified as malware.

[Skill Scanner] Installation of third-party script detected (AITech 9.1.4) [SC006]

This snippet is malicious or extremely unsafe: it decodes and executes a hard-coded curl command to a suspicious domain via a shell. Treat as high-risk malware: do not run, remove or isolate the package, and investigate execution contexts where it may have run. Replace with safe, explicit network code with strict validation or remove entirely.

This code contains a dangerous, likely-malicious or at least negligent behavior: it persistently sets the admin account's password to a hardcoded value ('6Z4gu2mG8R') whenever someone authenticates as admin with the default password 'admin'. This is effectively a backdoor or insecure maintenance mechanism and should be removed or replaced with secure migration tooling. Additionally, password derivation uses MD5 (insecure) before apache-crypt — replace with a modern KDF (bcrypt, Argon2, scrypt) and ensure salts and hashing are applied correctly. Do not deploy this code; audit repository history and remove or fix the special-case update and the weak hashing.