Mal-ecule
O₃(CSXe)H₂(CmPo)Md(Pa₂)
Objectives
hostile severity, 95% confident.
command-and-control/dropper/delivery
Fetch remote code and eval in memory
notable severity, 90% confident.
execution/interpreter/eval
eval on decoded variable
notable severity, 75% confident.
supply-chain/hidden-payload
eval() with dynamic argument
baseline severity, 95% confident.
supply-chain/metadata-anomaly/package
Default npm init ISC license
component severity, 95% confident.
anti-static/obfuscation/string
Regex component marker
component severity, 90% confident.
supply-chain/credential-theft
fetch marker for credential exfil
component severity, 84% confident.
supply-chain/metadata-anomaly/manifest
Package uses npm scope name
Micro-behaviors
notable severity, 80% confident.
communications/http/request
fetch() API call (JavaScript)
notable severity, 70% confident.
process/interpreter
eval() function call (raw)
baseline severity, 90% confident.
communications/http
HTTPS protocol prefix
component severity, 80% confident.
crypto/symmetric/aes
HTTP/HTTPS client request capability
component severity, 88% confident.
data/text/keywords
Codebase deletion target
component severity, 84% confident.
fs/path
Hidden directory path literal
component severity, 100% confident.
os/console
JavaScript console object
Metadata
notable severity, 75% confident.
package/fields
Package has meaningful description
baseline severity, 95% confident.
lang
JavaScript or TypeScript basename
baseline severity, 100% confident.
package
npm package has name field
component severity, 100% confident.
file
Web asset file extension (css/html/js/json)
component severity, 97% confident.
file/text
Validation vocabulary object
component severity, 100% confident.
lang/encoded
JavaScript file basename
20 of 21 traits shown
Objectives
hostile severity, 95% confident.
command-and-control/dropper/delivery
Fetch remote code and eval in memory
notable severity, 90% confident.
execution/interpreter/eval
eval on decoded variable
notable severity, 75% confident.
supply-chain/hidden-payload
eval() with dynamic argument
baseline severity, 95% confident.
supply-chain/metadata-anomaly/package
Default npm init ISC license
component severity, 95% confident.
anti-static/obfuscation/string
Regex component marker
component severity, 90% confident.
supply-chain/credential-theft
fetch marker for credential exfil
component severity, 84% confident.
supply-chain/metadata-anomaly/manifest
Package uses npm scope name
Micro-behaviors
notable severity, 80% confident.
communications/http/request
fetch() API call (JavaScript)
notable severity, 70% confident.
process/interpreter
eval() function call (raw)
baseline severity, 90% confident.
communications/http
HTTPS protocol prefix
component severity, 80% confident.
crypto/symmetric/aes
HTTP/HTTPS client request capability
component severity, 88% confident.
data/text/keywords
Codebase deletion target
component severity, 84% confident.
fs/path
Hidden directory path literal
component severity, 100% confident.
os/console
JavaScript console object
Metadata
notable severity, 75% confident.
package/fields
Package has meaningful description
baseline severity, 95% confident.
lang
JavaScript or TypeScript basename
baseline severity, 100% confident.
package
npm package has name field
component severity, 100% confident.
file
Web asset file extension (css/html/js/json)
component severity, 97% confident.
file/text
Validation vocabulary object
component severity, 100% confident.
lang/encoded
JavaScript file basename
20 of 21 traits shown
Identity
| SHA-256 | 1fdd44688b0c659850b1afb6163655e5f7e8ba087fb7638d6a8d4d924e8dd2e0 |
|---|---|
| Canonical SHA-256 | 1f7b28a203a45563eb516228ba2beda4810887717cc64c49ab8dd5fdcf9458e5 |
| Filename | @sqlite-node-createsql-1.0.7.tgz |
| Package | @sqlite-node/createsql |
| Version | 1.0.7 |
Origin
| Source | forager |
|---|---|
| Feed | aikido.dev |
| Ecosystem | javascript |
| Domain | npmjs.org |
| URL | https://registry.npmjs.org/@sqlite-node/createsql/-/createsql-1.0.7.tgz |
Timeline
| First seen | 13 Jun 2026 07:22 UTC |
|---|---|
| First analyzed | 13 Jun 2026 07:24 UTC |
| Last analyzed | 13 Jun 2026 07:24 UTC |
| Last updated | 13 Jun 2026 07:24 UTC |
Labeling
| Label | bad |
|---|---|
| Label source | forager |
| Traits version | 40f6c |
Not seeing what you expected? Let us know