Mal-ecule
O(Xe)H₃(CmDbOs)
Objectives
notable severity, 90% confident.
execution/interpreter/eval
Ruby class_eval call
baseline severity, 75% confident.
anti-static/obfuscation/code-metrics
Many no-param functions
component severity, 95% confident.
anti-static/obfuscation/payload
Gzip-compressed data blob
component severity, 90% confident.
persistence/login
Regex component marker
component severity, 70% confident.
supply-chain/impersonation
RubyGems bindir is bin
component severity, 90% confident.
supply-chain/metadata-anomaly/manifest
PyPI metadata omits author email
component severity, 93% confident.
supply-chain/metadata-anomaly/registry
Regex component marker
Micro-behaviors
notable severity, 85% confident.
communications/http
Net::HTTP POST request
notable severity, 70% confident.
data/text
base64 encoding keyword
notable severity, 75% confident.
os/console
STDIN input normalization for interactive shell
baseline severity, 100% confident.
communications/http/lib
HTTP get symbol call
baseline severity, 75% confident.
data/serialize
Ruby JSON serialization call
baseline severity, 100% confident.
data/source/quality
Uses Base64 module
component severity, 84% confident.
data/text/keywords
password/token/api_key field keyword
component severity, 84% confident.
data/text/llm
"store" doc cue (storage instruction)
Metadata
baseline severity, 95% confident.
import
imports faraday
baseline severity, 95% confident.
import/ruby::dry
imports dry/configurable
baseline severity, 95% confident.
lang
Source references base64 (import or shell command)
baseline severity, 98% confident.
package
Rubygem internal archive structure file
component severity, 90% confident.
file/text
File has 30 or more lines
Identity
| SHA-256 | 9d1bc380aef110f1428e369aafd17eb8a276e93c131b6451904de60e98d3a4c3 |
|---|---|
| Filename | rest-easy-1.1.2.gem |
Origin
| Ecosystem | ruby |
|---|---|
| Domain | rubygems.org |
Timeline
| First seen | 15 May 2026 05:35 UTC |
|---|---|
| Last analyzed | 15 May 2026 06:47 UTC |