npm · registry.npmjs.org
@lyrie/core
Js Decode Then Exec: base64 / atob / fromCharCode decode adjacent to eval / new Function — canonical obfuscated-loader pattern.
Why PkgRadar flagged 3.1.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Js Decode Then Exec | base64 / atob / fromCharCode decode adjacent to eval / new Function — canonical obfuscated-loader pattern. · package/src/pentest/poc-gen/generators/xss.ts |
| high | DNS / OAST exfiltration | matched "burpcollaborator.net" · package/src/pentest/poc-gen/generators/ssrf.ts |
| medium | Remote Payload | matched "api.telegram.org/bot" · package/src/tools/messaging/message-tool.ts |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 3.1.0 | High risk | 102 | 2026-06-10 |
Related campaigns
- credential_paths: matched "aws_secret_access_key" — 11 releases, max score 344
Block this in CI
pkgradar gate --ecosystem npm @lyrie/core@3.1.0