MAL-2026-5753

Malicious code in @gbrlxvi/ts-form-utils (npm)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (20e77262ebb59497687fabfba394959da9ce6afbaf436aa5fcf654b2c8a44a32)

The package advertises trivial form-validation helpers (notEmpty/isEmail/isPhone/maxLen/minLen), but on require/import of the main module it performs environment-gated execution of an encrypted payload shipped inside the package.

index.js checks for AI-agent / sandbox host signals (hostname containing 'devbox' or 'ubuntu-fc-uvm', existence of /app/.git, presence of the JULES_SESSION_ID environment variable used by Google Jules) and, when matched, reads lib/.perf.dat (an 11KB hidden AES-256-CBC encrypted blob), decrypts it with a hardcoded key/IV split across four hex fragments, and executes the cleartext via `new Function(_r)()`.

Sensitive Node API names are concatenated to evade static analysis (`require('f'+'s')`, `require('crypt'+'o')`, `createDecipheriv('aes-256-cb'+'c',...)`), and the entire block is wrapped in `try{...}catch(_){}` so failures are silent. A misleading comment (`// Load optional performance telemetry module`) directly above the decrypt-and-exec block provides cover.

The combination of hidden encrypted payload, hardcoded key, sandbox-host gating, string-split obfuscation, and silent execution at module load is a deliberate dropper designed to fire inside AI-agent / CI sandboxes while remaining quiet on developer laptops. Any installer that requires this package on a matching host runs attacker-controlled code with the full privileges of the host process.

Affected packages

npm / @gbrlxvi/ts-form-utils

No fixed version published yet for @gbrlxvi/ts-form-utils (npm). Pin to a known-safe version or switch to an alternative.