ClawHub

A股实时热度排名TOP50

Security checks across malware telemetry and agentic risk

Overview

This appears to fetch public A-share stock rankings, but it also runs a large opaque JavaScript browser-emulation helper that is not clearly disclosed.

Review before installing. Use only in a restricted environment and avoid adding credentials or sensitive sessions. Prefer a version with readable JavaScript, declared Node dependencies, and explicit documentation of the browser-emulation behavior used for Wencai signature generation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Output HandlingUnvalidated Output Injection, Cross-Context Output, Unbounded Output
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Findings (4999)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
"""生成Hexin-V签名"""
        timestamp = f"{time.time():.3f}"
        try:
            result = subprocess.run(
                ['node', self.js_path, timestamp],
                capture_output=True,
                text=True,
Confidence
70% confidence
Finding
result = subprocess.run( ['node', self.js_path, timestamp], capture_output=True, text=True, timeout=10 )

Lp3

Medium
Category
MCP Least Privilege
Confidence
70% confidence
Finding
Without declared permissions the skill's intent is opaque and cannot be validated.

Tp2

High
Category
MCP Tool Poisoning
Confidence
85% confidence
Finding
Mixing characters from multiple Unicode scripts in a single identifier is a common technique to create visually ambiguous tool names.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The file builds a fake browser environment and deliberately spoofs navigator and DOM properties, including webdriver, plugins, mimeTypes, languages, platform, permissions, battery/media APIs, and canvas behavior. For a skill whose stated purpose is only to obtain A股实时热度排名TOP50, this stealth capability is not justified by the manifest and materially expands the skill into anti-detection automation.

Context-Inappropriate Capability

High
Confidence
92% confidence
Finding
The file simulates user behavior by tracking and randomly mutating mouse, click, and keydown-related values, and it also patches request/navigation-related browser behaviors such as XMLHttpRequest/fetch/open handling in the obfuscated logic. Those capabilities are characteristic of scripted browsing/session emulation, not a narrowly scoped stock hotness ranking retriever.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The manifest describes a data-retrieval skill that aggregates A-share heat rankings from three platforms. While outbound HTTP fetching is expected, spawning a local subprocess via Node.js adds host-execution capability that is materially broader than the stated purpose and is not disclosed in the manifest description.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The invocation description lists many generic phrases such as 'stock popularity ranking', 'market attention ranking', 'hot stock list', and 'trending stocks' as triggers. While finance-related, the file does not provide exclusion conditions or clear boundaries for when this skill should be chosen instead of other stock-analysis or market-summary skills, which can cause unintended invocation.

Natural-Language Policy Violations

Low
Confidence
78% confidence
Finding
The skill is explicitly scoped to A-share stocks and primarily described in Chinese, which may be acceptable for a China-market skill, but the document does not clearly state that it should be used only when the user requests Chinese/A-share market data. Without an explicit opt-in or boundary, this can violate locale-selection expectations for users asking for generic stock rankings.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
This JavaScript file sets up a JSDOM window pointed at an external site, overrides navigator/browser properties, and installs request-related hooks, but contains no comments, logs, prompts, or other user-visible disclosure explaining these safety-relevant actions. Because the file is code and highly obfuscated, a user or auditor would not be warned that it is simulating a browser environment and interacting with remote web content.

Natural-Language Policy Violations

Low
Confidence
90% confidence
Finding
This Python file includes natural-language locale preferences via the Accept-Language header set to zh-CN,zh;q=0.9,en;q=0.8. Because the skill does not expose a language/locale option or explain that it is intentionally region-specific, it can be seen as forcing a specific locale without user opt-in.

Natural-Language Policy Violations

Low
Confidence
88% confidence
Finding
The same locale policy issue appears again in another request definition where Accept-Language is fixed to zh-CN,zh;q=0.9,en;q=0.8. Repeating this pattern across requests reinforces that the skill assumes a locale rather than allowing user selection.

Natural-Language Policy Violations

Low
Confidence
88% confidence
Finding
This request again specifies Accept-Language as zh-CN,zh;q=0.9,en;q=0.8. Under the policy, forcing a specific language or locale is a natural-language policy concern unless the user is given a choice or the restriction is explicitly justified.

Natural-Language Policy Violations

Low
Confidence
88% confidence
Finding
The outbound header for the main Wencai data request explicitly prefers zh-CN and does not allow the user to opt into another language or locale. This matches the policy example of a skill forcing a specific language without user opt-in.

Natural-Language Policy Violations

Low
Confidence
86% confidence
Finding
This fetcher sets Accept-Language to zh-CN,zh;q=0.9 in code. Even if appropriate for the target site, the skill does not present this as a user choice or a documented regional constraint.

Natural-Language Policy Violations

Low
Confidence
86% confidence
Finding
This request repeats the same locale-forcing pattern by setting Accept-Language to zh-CN,zh;q=0.9. The policy allows locale constraints when they are clearly documented and justified, which is not done here in a way tied to user choice.

Unvalidated Output Injection

High
Category
Output Handling
Content
"""生成Hexin-V签名"""
        timestamp = f"{time.time():.3f}"
        try:
            result = subprocess.run(
                ['node', self.js_path, timestamp],
                capture_output=True,
                text=True,
Confidence
95% confidence
Finding
subprocess.run( ['node', self.js_path, timestamp], capture_output

Obfuscated Code

High
Category
Supply Chain
Content
var a0_0x4f9ee0=a0_0x45b5;(function(_0x2d51df,_0xd5e931){var _0x1c64eb=a0_0x45b5,_0x581c52=_0x2d51df();while(!![]){try{var _0x276e77=-parseInt(_0x1c64eb(0x51e))/0x1*(-parseInt(_0x1c64eb(0xbd0))/0x2)+parseInt(_0x1c64eb(0xc14))/0x3*(parseInt(_0x1c64eb(0x3ff))/0x4)+parseInt(_0x1c64eb(0xccf))/0x5*(parseInt(_0x1c64eb(0x758))/0x6)+parseInt(_0x1c64eb(0xb1b))/0x7+-parseInt(_0x1c64eb(0x1eb))/0x8*(parseInt(_0x1c64eb(0x522))/0x9)+parseInt(_0x1c64eb(0x291))/0xa*(parseInt(_0x1c64eb(0x418))/0xb)+parseInt(_0x1c64eb(0x71f))/0xc*(-parseInt(_0x1c64eb(0x201))/0xd);if(_0x276e77===_0xd5e931)break;else _0x581c52['push'](_0x581c52['shift']());}catch(_0xcb5e4b){_0x581c52['push'](_0x581c52['shift']());}}}(a0_0xe51c,0xa810e));var a0_0x147791=(function(){var _0x22a1db=!![];return function(_0x41bbf2,_0x3e5a95){var _0x3b1fc8=_0x22a1db?function(){if(_0x3e5a95){var _0x20e0b6=_0x3e5a95['apply'](_0x41bbf2,arguments);return _0x3e5a95=null,_0x20e0b6;}}:function(){};return _0x22a1db=![],_0x3b1fc8;};}()),a0_0x2291c3=a0_0x147791(this,function(){var _0xb712c4=a0_0x45b5,_0x38c6c1={};_0x38c6c1[_0xb712c4(0xbf8)]=_0xb712c4(0x11d);var _0x5c8321=_0x38c6c1;return a0_0x2291c3[_0xb712c4(0x363)]()[_0xb712c4(0x475)](_0x5c8321[_0xb712c4(0xbf8)])[_0xb712c4(0x363)]()[_0xb712c4(0xd2f)](a0_0x2291c3)[_0xb712c4(0x475)](_0x5c8321['hdHOF']);});a0_0x2291c3();const jsdom=require('jsdom'),{JSDOM}=jsdom,{Canvas}=require(a0_0x4f9ee0(0xb10));var a0_0x5a7e01={};a0_0x5a7e01[a0_0x4f9ee0(0xb82)]='https://www.iwencai.com/',a0_0x5a7e01[a0_0x4f9ee0(0xcfc)]=a0_0x4f9ee0(0x381),a0_0x5a7e01['contentType']='text/html',a0_0x5a7e01[a0_0x4f9ee0(0x88e)]=!![],a0_0x5a7e01[a0_0x4f9ee0(0xace)]=0x3e8,a0_0x5a7e01[a0_0x4f9ee0(0x7ff)]=!![];const dom=new JSDOM(a0_0x4f9ee0(0x4f5),a0_0x5a7e01);window=dom[a0_0x4f9ee0(0x757)],document=window[a0_0x4f9ee0(0xa86)],navigator=window[a0_0x4f9ee0(0x7f7)],window[a0_0x4f9ee0(0x385)][a0_0x4f9ee0(0x6ab)]['getContext']=function(_0xe77761){var _0x4c3db7=a0_0x4f9ee0,_0x404578={};_0x404578[_0x4c3db7(0xc29)]=function(_0x16b
...[truncated 28 chars]
Confidence
80% confidence
Finding
_0x2d51df(

Obfuscated Code

High
Category
Supply Chain
Content
var a0_0x4f9ee0=a0_0x45b5;(function(_0x2d51df,_0xd5e931){var _0x1c64eb=a0_0x45b5,_0x581c52=_0x2d51df();while(!![]){try{var _0x276e77=-parseInt(_0x1c64eb(0x51e))/0x1*(-parseInt(_0x1c64eb(0xbd0))/0x2)+parseInt(_0x1c64eb(0xc14))/0x3*(parseInt(_0x1c64eb(0x3ff))/0x4)+parseInt(_0x1c64eb(0xccf))/0x5*(parseInt(_0x1c64eb(0x758))/0x6)+parseInt(_0x1c64eb(0xb1b))/0x7+-parseInt(_0x1c64eb(0x1eb))/0x8*(parseInt(_0x1c64eb(0x522))/0x9)+parseInt(_0x1c64eb(0x291))/0xa*(parseInt(_0x1c64eb(0x418))/0xb)+parseInt(_0x1c64eb(0x71f))/0xc*(-parseInt(_0x1c64eb(0x201))/0xd);if(_0x276e77===_0xd5e931)break;else _0x581c52['push'](_0x581c52['shift']());}catch(_0xcb5e4b){_0x581c52['push'](_0x581c52['shift']());}}}(a0_0xe51c,0xa810e));var a0_0x147791=(function(){var _0x22a1db=!![];return function(_0x41bbf2,_0x3e5a95){var _0x3b1fc8=_0x22a1db?function(){if(_0x3e5a95){var _0x20e0b6=_0x3e5a95['apply'](_0x41bbf2,arguments);return _0x3e5a95=null,_0x20e0b6;}}:function(){};return _0x22a1db=![],_0x3b1fc8;};}()),a0_0x2291c3=a0_0x147791(this,function(){var _0xb712c4=a0_0x45b5,_0x38c6c1={};_0x38c6c1[_0xb712c4(0xbf8)]=_0xb712c4(0x11d);var _0x5c8321=_0x38c6c1;return a0_0x2291c3[_0xb712c4(0x363)]()[_0xb712c4(0x475)](_0x5c8321[_0xb712c4(0xbf8)])[_0xb712c4(0x363)]()[_0xb712c4(0xd2f)](a0_0x2291c3)[_0xb712c4(0x475)](_0x5c8321['hdHOF']);});a0_0x2291c3();const jsdom=require('jsdom'),{JSDOM}=jsdom,{Canvas}=require(a0_0x4f9ee0(0xb10));var a0_0x5a7e01={};a0_0x5a7e01[a0_0x4f9ee0(0xb82)]='https://www.iwencai.com/',a0_0x5a7e01[a0_0x4f9ee0(0xcfc)]=a0_0x4f9ee0(0x381),a0_0x5a7e01['contentType']='text/html',a0_0x5a7e01[a0_0x4f9ee0(0x88e)]=!![],a0_0x5a7e01[a0_0x4f9ee0(0xace)]=0x3e8,a0_0x5a7e01[a0_0x4f9ee0(0x7ff)]=!![];const dom=new JSDOM(a0_0x4f9ee0(0x4f5),a0_0x5a7e01);window=dom[a0_0x4f9ee0(0x757)],document=window[a0_0x4f9ee0(0xa86)],navigator=window[a0_0x4f9ee0(0x7f7)],window[a0_0x4f9ee0(0x385)][a0_0x4f9ee0(0x6ab)]['getContext']=function(_0xe77761){var _0x4c3db7=a0_0x4f9ee0,_0x404578={};_0x404578[_0x4c3db7(0xc29)]=function(_0x16b
...[truncated 28 chars]
Confidence
80% confidence
Finding
_0x1c64eb(

Obfuscated Code

High
Category
Supply Chain
Content
var a0_0x4f9ee0=a0_0x45b5;(function(_0x2d51df,_0xd5e931){var _0x1c64eb=a0_0x45b5,_0x581c52=_0x2d51df();while(!![]){try{var _0x276e77=-parseInt(_0x1c64eb(0x51e))/0x1*(-parseInt(_0x1c64eb(0xbd0))/0x2)+parseInt(_0x1c64eb(0xc14))/0x3*(parseInt(_0x1c64eb(0x3ff))/0x4)+parseInt(_0x1c64eb(0xccf))/0x5*(parseInt(_0x1c64eb(0x758))/0x6)+parseInt(_0x1c64eb(0xb1b))/0x7+-parseInt(_0x1c64eb(0x1eb))/0x8*(parseInt(_0x1c64eb(0x522))/0x9)+parseInt(_0x1c64eb(0x291))/0xa*(parseInt(_0x1c64eb(0x418))/0xb)+parseInt(_0x1c64eb(0x71f))/0xc*(-parseInt(_0x1c64eb(0x201))/0xd);if(_0x276e77===_0xd5e931)break;else _0x581c52['push'](_0x581c52['shift']());}catch(_0xcb5e4b){_0x581c52['push'](_0x581c52['shift']());}}}(a0_0xe51c,0xa810e));var a0_0x147791=(function(){var _0x22a1db=!![];return function(_0x41bbf2,_0x3e5a95){var _0x3b1fc8=_0x22a1db?function(){if(_0x3e5a95){var _0x20e0b6=_0x3e5a95['apply'](_0x41bbf2,arguments);return _0x3e5a95=null,_0x20e0b6;}}:function(){};return _0x22a1db=![],_0x3b1fc8;};}()),a0_0x2291c3=a0_0x147791(this,function(){var _0xb712c4=a0_0x45b5,_0x38c6c1={};_0x38c6c1[_0xb712c4(0xbf8)]=_0xb712c4(0x11d);var _0x5c8321=_0x38c6c1;return a0_0x2291c3[_0xb712c4(0x363)]()[_0xb712c4(0x475)](_0x5c8321[_0xb712c4(0xbf8)])[_0xb712c4(0x363)]()[_0xb712c4(0xd2f)](a0_0x2291c3)[_0xb712c4(0x475)](_0x5c8321['hdHOF']);});a0_0x2291c3();const jsdom=require('jsdom'),{JSDOM}=jsdom,{Canvas}=require(a0_0x4f9ee0(0xb10));var a0_0x5a7e01={};a0_0x5a7e01[a0_0x4f9ee0(0xb82)]='https://www.iwencai.com/',a0_0x5a7e01[a0_0x4f9ee0(0xcfc)]=a0_0x4f9ee0(0x381),a0_0x5a7e01['contentType']='text/html',a0_0x5a7e01[a0_0x4f9ee0(0x88e)]=!![],a0_0x5a7e01[a0_0x4f9ee0(0xace)]=0x3e8,a0_0x5a7e01[a0_0x4f9ee0(0x7ff)]=!![];const dom=new JSDOM(a0_0x4f9ee0(0x4f5),a0_0x5a7e01);window=dom[a0_0x4f9ee0(0x757)],document=window[a0_0x4f9ee0(0xa86)],navigator=window[a0_0x4f9ee0(0x7f7)],window[a0_0x4f9ee0(0x385)][a0_0x4f9ee0(0x6ab)]['getContext']=function(_0xe77761){var _0x4c3db7=a0_0x4f9ee0,_0x404578={};_0x404578[_0x4c3db7(0xc29)]=function(_0x16b
...[truncated 28 chars]
Confidence
80% confidence
Finding
_0x1c64eb(

Obfuscated Code

High
Category
Supply Chain
Content
var a0_0x4f9ee0=a0_0x45b5;(function(_0x2d51df,_0xd5e931){var _0x1c64eb=a0_0x45b5,_0x581c52=_0x2d51df();while(!![]){try{var _0x276e77=-parseInt(_0x1c64eb(0x51e))/0x1*(-parseInt(_0x1c64eb(0xbd0))/0x2)+parseInt(_0x1c64eb(0xc14))/0x3*(parseInt(_0x1c64eb(0x3ff))/0x4)+parseInt(_0x1c64eb(0xccf))/0x5*(parseInt(_0x1c64eb(0x758))/0x6)+parseInt(_0x1c64eb(0xb1b))/0x7+-parseInt(_0x1c64eb(0x1eb))/0x8*(parseInt(_0x1c64eb(0x522))/0x9)+parseInt(_0x1c64eb(0x291))/0xa*(parseInt(_0x1c64eb(0x418))/0xb)+parseInt(_0x1c64eb(0x71f))/0xc*(-parseInt(_0x1c64eb(0x201))/0xd);if(_0x276e77===_0xd5e931)break;else _0x581c52['push'](_0x581c52['shift']());}catch(_0xcb5e4b){_0x581c52['push'](_0x581c52['shift']());}}}(a0_0xe51c,0xa810e));var a0_0x147791=(function(){var _0x22a1db=!![];return function(_0x41bbf2,_0x3e5a95){var _0x3b1fc8=_0x22a1db?function(){if(_0x3e5a95){var _0x20e0b6=_0x3e5a95['apply'](_0x41bbf2,arguments);return _0x3e5a95=null,_0x20e0b6;}}:function(){};return _0x22a1db=![],_0x3b1fc8;};}()),a0_0x2291c3=a0_0x147791(this,function(){var _0xb712c4=a0_0x45b5,_0x38c6c1={};_0x38c6c1[_0xb712c4(0xbf8)]=_0xb712c4(0x11d);var _0x5c8321=_0x38c6c1;return a0_0x2291c3[_0xb712c4(0x363)]()[_0xb712c4(0x475)](_0x5c8321[_0xb712c4(0xbf8)])[_0xb712c4(0x363)]()[_0xb712c4(0xd2f)](a0_0x2291c3)[_0xb712c4(0x475)](_0x5c8321['hdHOF']);});a0_0x2291c3();const jsdom=require('jsdom'),{JSDOM}=jsdom,{Canvas}=require(a0_0x4f9ee0(0xb10));var a0_0x5a7e01={};a0_0x5a7e01[a0_0x4f9ee0(0xb82)]='https://www.iwencai.com/',a0_0x5a7e01[a0_0x4f9ee0(0xcfc)]=a0_0x4f9ee0(0x381),a0_0x5a7e01['contentType']='text/html',a0_0x5a7e01[a0_0x4f9ee0(0x88e)]=!![],a0_0x5a7e01[a0_0x4f9ee0(0xace)]=0x3e8,a0_0x5a7e01[a0_0x4f9ee0(0x7ff)]=!![];const dom=new JSDOM(a0_0x4f9ee0(0x4f5),a0_0x5a7e01);window=dom[a0_0x4f9ee0(0x757)],document=window[a0_0x4f9ee0(0xa86)],navigator=window[a0_0x4f9ee0(0x7f7)],window[a0_0x4f9ee0(0x385)][a0_0x4f9ee0(0x6ab)]['getContext']=function(_0xe77761){var _0x4c3db7=a0_0x4f9ee0,_0x404578={};_0x404578[_0x4c3db7(0xc29)]=function(_0x16b
...[truncated 28 chars]
Confidence
80% confidence
Finding
_0x1c64eb(

Obfuscated Code

High
Category
Supply Chain
Content
var a0_0x4f9ee0=a0_0x45b5;(function(_0x2d51df,_0xd5e931){var _0x1c64eb=a0_0x45b5,_0x581c52=_0x2d51df();while(!![]){try{var _0x276e77=-parseInt(_0x1c64eb(0x51e))/0x1*(-parseInt(_0x1c64eb(0xbd0))/0x2)+parseInt(_0x1c64eb(0xc14))/0x3*(parseInt(_0x1c64eb(0x3ff))/0x4)+parseInt(_0x1c64eb(0xccf))/0x5*(parseInt(_0x1c64eb(0x758))/0x6)+parseInt(_0x1c64eb(0xb1b))/0x7+-parseInt(_0x1c64eb(0x1eb))/0x8*(parseInt(_0x1c64eb(0x522))/0x9)+parseInt(_0x1c64eb(0x291))/0xa*(parseInt(_0x1c64eb(0x418))/0xb)+parseInt(_0x1c64eb(0x71f))/0xc*(-parseInt(_0x1c64eb(0x201))/0xd);if(_0x276e77===_0xd5e931)break;else _0x581c52['push'](_0x581c52['shift']());}catch(_0xcb5e4b){_0x581c52['push'](_0x581c52['shift']());}}}(a0_0xe51c,0xa810e));var a0_0x147791=(function(){var _0x22a1db=!![];return function(_0x41bbf2,_0x3e5a95){var _0x3b1fc8=_0x22a1db?function(){if(_0x3e5a95){var _0x20e0b6=_0x3e5a95['apply'](_0x41bbf2,arguments);return _0x3e5a95=null,_0x20e0b6;}}:function(){};return _0x22a1db=![],_0x3b1fc8;};}()),a0_0x2291c3=a0_0x147791(this,function(){var _0xb712c4=a0_0x45b5,_0x38c6c1={};_0x38c6c1[_0xb712c4(0xbf8)]=_0xb712c4(0x11d);var _0x5c8321=_0x38c6c1;return a0_0x2291c3[_0xb712c4(0x363)]()[_0xb712c4(0x475)](_0x5c8321[_0xb712c4(0xbf8)])[_0xb712c4(0x363)]()[_0xb712c4(0xd2f)](a0_0x2291c3)[_0xb712c4(0x475)](_0x5c8321['hdHOF']);});a0_0x2291c3();const jsdom=require('jsdom'),{JSDOM}=jsdom,{Canvas}=require(a0_0x4f9ee0(0xb10));var a0_0x5a7e01={};a0_0x5a7e01[a0_0x4f9ee0(0xb82)]='https://www.iwencai.com/',a0_0x5a7e01[a0_0x4f9ee0(0xcfc)]=a0_0x4f9ee0(0x381),a0_0x5a7e01['contentType']='text/html',a0_0x5a7e01[a0_0x4f9ee0(0x88e)]=!![],a0_0x5a7e01[a0_0x4f9ee0(0xace)]=0x3e8,a0_0x5a7e01[a0_0x4f9ee0(0x7ff)]=!![];const dom=new JSDOM(a0_0x4f9ee0(0x4f5),a0_0x5a7e01);window=dom[a0_0x4f9ee0(0x757)],document=window[a0_0x4f9ee0(0xa86)],navigator=window[a0_0x4f9ee0(0x7f7)],window[a0_0x4f9ee0(0x385)][a0_0x4f9ee0(0x6ab)]['getContext']=function(_0xe77761){var _0x4c3db7=a0_0x4f9ee0,_0x404578={};_0x404578[_0x4c3db7(0xc29)]=function(_0x16b
...[truncated 28 chars]
Confidence
80% confidence
Finding
_0x1c64eb(

Obfuscated Code

High
Category
Supply Chain
Content
var a0_0x4f9ee0=a0_0x45b5;(function(_0x2d51df,_0xd5e931){var _0x1c64eb=a0_0x45b5,_0x581c52=_0x2d51df();while(!![]){try{var _0x276e77=-parseInt(_0x1c64eb(0x51e))/0x1*(-parseInt(_0x1c64eb(0xbd0))/0x2)+parseInt(_0x1c64eb(0xc14))/0x3*(parseInt(_0x1c64eb(0x3ff))/0x4)+parseInt(_0x1c64eb(0xccf))/0x5*(parseInt(_0x1c64eb(0x758))/0x6)+parseInt(_0x1c64eb(0xb1b))/0x7+-parseInt(_0x1c64eb(0x1eb))/0x8*(parseInt(_0x1c64eb(0x522))/0x9)+parseInt(_0x1c64eb(0x291))/0xa*(parseInt(_0x1c64eb(0x418))/0xb)+parseInt(_0x1c64eb(0x71f))/0xc*(-parseInt(_0x1c64eb(0x201))/0xd);if(_0x276e77===_0xd5e931)break;else _0x581c52['push'](_0x581c52['shift']());}catch(_0xcb5e4b){_0x581c52['push'](_0x581c52['shift']());}}}(a0_0xe51c,0xa810e));var a0_0x147791=(function(){var _0x22a1db=!![];return function(_0x41bbf2,_0x3e5a95){var _0x3b1fc8=_0x22a1db?function(){if(_0x3e5a95){var _0x20e0b6=_0x3e5a95['apply'](_0x41bbf2,arguments);return _0x3e5a95=null,_0x20e0b6;}}:function(){};return _0x22a1db=![],_0x3b1fc8;};}()),a0_0x2291c3=a0_0x147791(this,function(){var _0xb712c4=a0_0x45b5,_0x38c6c1={};_0x38c6c1[_0xb712c4(0xbf8)]=_0xb712c4(0x11d);var _0x5c8321=_0x38c6c1;return a0_0x2291c3[_0xb712c4(0x363)]()[_0xb712c4(0x475)](_0x5c8321[_0xb712c4(0xbf8)])[_0xb712c4(0x363)]()[_0xb712c4(0xd2f)](a0_0x2291c3)[_0xb712c4(0x475)](_0x5c8321['hdHOF']);});a0_0x2291c3();const jsdom=require('jsdom'),{JSDOM}=jsdom,{Canvas}=require(a0_0x4f9ee0(0xb10));var a0_0x5a7e01={};a0_0x5a7e01[a0_0x4f9ee0(0xb82)]='https://www.iwencai.com/',a0_0x5a7e01[a0_0x4f9ee0(0xcfc)]=a0_0x4f9ee0(0x381),a0_0x5a7e01['contentType']='text/html',a0_0x5a7e01[a0_0x4f9ee0(0x88e)]=!![],a0_0x5a7e01[a0_0x4f9ee0(0xace)]=0x3e8,a0_0x5a7e01[a0_0x4f9ee0(0x7ff)]=!![];const dom=new JSDOM(a0_0x4f9ee0(0x4f5),a0_0x5a7e01);window=dom[a0_0x4f9ee0(0x757)],document=window[a0_0x4f9ee0(0xa86)],navigator=window[a0_0x4f9ee0(0x7f7)],window[a0_0x4f9ee0(0x385)][a0_0x4f9ee0(0x6ab)]['getContext']=function(_0xe77761){var _0x4c3db7=a0_0x4f9ee0,_0x404578={};_0x404578[_0x4c3db7(0xc29)]=function(_0x16b
...[truncated 28 chars]
Confidence
80% confidence
Finding
_0x1c64eb(

Obfuscated Code

High
Category
Supply Chain
Content
var a0_0x4f9ee0=a0_0x45b5;(function(_0x2d51df,_0xd5e931){var _0x1c64eb=a0_0x45b5,_0x581c52=_0x2d51df();while(!![]){try{var _0x276e77=-parseInt(_0x1c64eb(0x51e))/0x1*(-parseInt(_0x1c64eb(0xbd0))/0x2)+parseInt(_0x1c64eb(0xc14))/0x3*(parseInt(_0x1c64eb(0x3ff))/0x4)+parseInt(_0x1c64eb(0xccf))/0x5*(parseInt(_0x1c64eb(0x758))/0x6)+parseInt(_0x1c64eb(0xb1b))/0x7+-parseInt(_0x1c64eb(0x1eb))/0x8*(parseInt(_0x1c64eb(0x522))/0x9)+parseInt(_0x1c64eb(0x291))/0xa*(parseInt(_0x1c64eb(0x418))/0xb)+parseInt(_0x1c64eb(0x71f))/0xc*(-parseInt(_0x1c64eb(0x201))/0xd);if(_0x276e77===_0xd5e931)break;else _0x581c52['push'](_0x581c52['shift']());}catch(_0xcb5e4b){_0x581c52['push'](_0x581c52['shift']());}}}(a0_0xe51c,0xa810e));var a0_0x147791=(function(){var _0x22a1db=!![];return function(_0x41bbf2,_0x3e5a95){var _0x3b1fc8=_0x22a1db?function(){if(_0x3e5a95){var _0x20e0b6=_0x3e5a95['apply'](_0x41bbf2,arguments);return _0x3e5a95=null,_0x20e0b6;}}:function(){};return _0x22a1db=![],_0x3b1fc8;};}()),a0_0x2291c3=a0_0x147791(this,function(){var _0xb712c4=a0_0x45b5,_0x38c6c1={};_0x38c6c1[_0xb712c4(0xbf8)]=_0xb712c4(0x11d);var _0x5c8321=_0x38c6c1;return a0_0x2291c3[_0xb712c4(0x363)]()[_0xb712c4(0x475)](_0x5c8321[_0xb712c4(0xbf8)])[_0xb712c4(0x363)]()[_0xb712c4(0xd2f)](a0_0x2291c3)[_0xb712c4(0x475)](_0x5c8321['hdHOF']);});a0_0x2291c3();const jsdom=require('jsdom'),{JSDOM}=jsdom,{Canvas}=require(a0_0x4f9ee0(0xb10));var a0_0x5a7e01={};a0_0x5a7e01[a0_0x4f9ee0(0xb82)]='https://www.iwencai.com/',a0_0x5a7e01[a0_0x4f9ee0(0xcfc)]=a0_0x4f9ee0(0x381),a0_0x5a7e01['contentType']='text/html',a0_0x5a7e01[a0_0x4f9ee0(0x88e)]=!![],a0_0x5a7e01[a0_0x4f9ee0(0xace)]=0x3e8,a0_0x5a7e01[a0_0x4f9ee0(0x7ff)]=!![];const dom=new JSDOM(a0_0x4f9ee0(0x4f5),a0_0x5a7e01);window=dom[a0_0x4f9ee0(0x757)],document=window[a0_0x4f9ee0(0xa86)],navigator=window[a0_0x4f9ee0(0x7f7)],window[a0_0x4f9ee0(0x385)][a0_0x4f9ee0(0x6ab)]['getContext']=function(_0xe77761){var _0x4c3db7=a0_0x4f9ee0,_0x404578={};_0x404578[_0x4c3db7(0xc29)]=function(_0x16b
...[truncated 28 chars]
Confidence
80% confidence
Finding
_0x1c64eb(

Obfuscated Code

High
Category
Supply Chain
Content
var a0_0x4f9ee0=a0_0x45b5;(function(_0x2d51df,_0xd5e931){var _0x1c64eb=a0_0x45b5,_0x581c52=_0x2d51df();while(!![]){try{var _0x276e77=-parseInt(_0x1c64eb(0x51e))/0x1*(-parseInt(_0x1c64eb(0xbd0))/0x2)+parseInt(_0x1c64eb(0xc14))/0x3*(parseInt(_0x1c64eb(0x3ff))/0x4)+parseInt(_0x1c64eb(0xccf))/0x5*(parseInt(_0x1c64eb(0x758))/0x6)+parseInt(_0x1c64eb(0xb1b))/0x7+-parseInt(_0x1c64eb(0x1eb))/0x8*(parseInt(_0x1c64eb(0x522))/0x9)+parseInt(_0x1c64eb(0x291))/0xa*(parseInt(_0x1c64eb(0x418))/0xb)+parseInt(_0x1c64eb(0x71f))/0xc*(-parseInt(_0x1c64eb(0x201))/0xd);if(_0x276e77===_0xd5e931)break;else _0x581c52['push'](_0x581c52['shift']());}catch(_0xcb5e4b){_0x581c52['push'](_0x581c52['shift']());}}}(a0_0xe51c,0xa810e));var a0_0x147791=(function(){var _0x22a1db=!![];return function(_0x41bbf2,_0x3e5a95){var _0x3b1fc8=_0x22a1db?function(){if(_0x3e5a95){var _0x20e0b6=_0x3e5a95['apply'](_0x41bbf2,arguments);return _0x3e5a95=null,_0x20e0b6;}}:function(){};return _0x22a1db=![],_0x3b1fc8;};}()),a0_0x2291c3=a0_0x147791(this,function(){var _0xb712c4=a0_0x45b5,_0x38c6c1={};_0x38c6c1[_0xb712c4(0xbf8)]=_0xb712c4(0x11d);var _0x5c8321=_0x38c6c1;return a0_0x2291c3[_0xb712c4(0x363)]()[_0xb712c4(0x475)](_0x5c8321[_0xb712c4(0xbf8)])[_0xb712c4(0x363)]()[_0xb712c4(0xd2f)](a0_0x2291c3)[_0xb712c4(0x475)](_0x5c8321['hdHOF']);});a0_0x2291c3();const jsdom=require('jsdom'),{JSDOM}=jsdom,{Canvas}=require(a0_0x4f9ee0(0xb10));var a0_0x5a7e01={};a0_0x5a7e01[a0_0x4f9ee0(0xb82)]='https://www.iwencai.com/',a0_0x5a7e01[a0_0x4f9ee0(0xcfc)]=a0_0x4f9ee0(0x381),a0_0x5a7e01['contentType']='text/html',a0_0x5a7e01[a0_0x4f9ee0(0x88e)]=!![],a0_0x5a7e01[a0_0x4f9ee0(0xace)]=0x3e8,a0_0x5a7e01[a0_0x4f9ee0(0x7ff)]=!![];const dom=new JSDOM(a0_0x4f9ee0(0x4f5),a0_0x5a7e01);window=dom[a0_0x4f9ee0(0x757)],document=window[a0_0x4f9ee0(0xa86)],navigator=window[a0_0x4f9ee0(0x7f7)],window[a0_0x4f9ee0(0x385)][a0_0x4f9ee0(0x6ab)]['getContext']=function(_0xe77761){var _0x4c3db7=a0_0x4f9ee0,_0x404578={};_0x404578[_0x4c3db7(0xc29)]=function(_0x16b
...[truncated 28 chars]
Confidence
80% confidence
Finding
_0x1c64eb(

Obfuscated Code

High
Category
Supply Chain
Content
var a0_0x4f9ee0=a0_0x45b5;(function(_0x2d51df,_0xd5e931){var _0x1c64eb=a0_0x45b5,_0x581c52=_0x2d51df();while(!![]){try{var _0x276e77=-parseInt(_0x1c64eb(0x51e))/0x1*(-parseInt(_0x1c64eb(0xbd0))/0x2)+parseInt(_0x1c64eb(0xc14))/0x3*(parseInt(_0x1c64eb(0x3ff))/0x4)+parseInt(_0x1c64eb(0xccf))/0x5*(parseInt(_0x1c64eb(0x758))/0x6)+parseInt(_0x1c64eb(0xb1b))/0x7+-parseInt(_0x1c64eb(0x1eb))/0x8*(parseInt(_0x1c64eb(0x522))/0x9)+parseInt(_0x1c64eb(0x291))/0xa*(parseInt(_0x1c64eb(0x418))/0xb)+parseInt(_0x1c64eb(0x71f))/0xc*(-parseInt(_0x1c64eb(0x201))/0xd);if(_0x276e77===_0xd5e931)break;else _0x581c52['push'](_0x581c52['shift']());}catch(_0xcb5e4b){_0x581c52['push'](_0x581c52['shift']());}}}(a0_0xe51c,0xa810e));var a0_0x147791=(function(){var _0x22a1db=!![];return function(_0x41bbf2,_0x3e5a95){var _0x3b1fc8=_0x22a1db?function(){if(_0x3e5a95){var _0x20e0b6=_0x3e5a95['apply'](_0x41bbf2,arguments);return _0x3e5a95=null,_0x20e0b6;}}:function(){};return _0x22a1db=![],_0x3b1fc8;};}()),a0_0x2291c3=a0_0x147791(this,function(){var _0xb712c4=a0_0x45b5,_0x38c6c1={};_0x38c6c1[_0xb712c4(0xbf8)]=_0xb712c4(0x11d);var _0x5c8321=_0x38c6c1;return a0_0x2291c3[_0xb712c4(0x363)]()[_0xb712c4(0x475)](_0x5c8321[_0xb712c4(0xbf8)])[_0xb712c4(0x363)]()[_0xb712c4(0xd2f)](a0_0x2291c3)[_0xb712c4(0x475)](_0x5c8321['hdHOF']);});a0_0x2291c3();const jsdom=require('jsdom'),{JSDOM}=jsdom,{Canvas}=require(a0_0x4f9ee0(0xb10));var a0_0x5a7e01={};a0_0x5a7e01[a0_0x4f9ee0(0xb82)]='https://www.iwencai.com/',a0_0x5a7e01[a0_0x4f9ee0(0xcfc)]=a0_0x4f9ee0(0x381),a0_0x5a7e01['contentType']='text/html',a0_0x5a7e01[a0_0x4f9ee0(0x88e)]=!![],a0_0x5a7e01[a0_0x4f9ee0(0xace)]=0x3e8,a0_0x5a7e01[a0_0x4f9ee0(0x7ff)]=!![];const dom=new JSDOM(a0_0x4f9ee0(0x4f5),a0_0x5a7e01);window=dom[a0_0x4f9ee0(0x757)],document=window[a0_0x4f9ee0(0xa86)],navigator=window[a0_0x4f9ee0(0x7f7)],window[a0_0x4f9ee0(0x385)][a0_0x4f9ee0(0x6ab)]['getContext']=function(_0xe77761){var _0x4c3db7=a0_0x4f9ee0,_0x404578={};_0x404578[_0x4c3db7(0xc29)]=function(_0x16b
...[truncated 28 chars]
Confidence
80% confidence
Finding
_0x1c64eb(

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal