axios-supply-chain-attack-check

v1.0.0

Provides a quick 1-minute script to detect and handle malicious axios versions and backdoor dependencies in front-end projects.

by hometown@preciousdust
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

Capability signals: Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal: Pending
OpenClaw: Benign (high confidence)
Purpose & Capability
The script's checks (npm list axios, npm list plain-crypto-js) and remediation steps (npm uninstall, rm -rf node_modules and lockfiles, npm install, delete specific system files) directly support the stated goal of detecting and mitigating known axios/plain-crypto-js supply-chain compromises. No unrelated credentials, binaries, or services are requested.
Instruction Scope
Instructions are narrowly scoped to run the included shell script, which inspects dependency trees and specific system paths. However, the script performs destructive actions (uninstalling packages, deleting node_modules and lockfiles, reinstalling from the network, and deleting filesystem paths like /Library/Caches/com.apple.act.mond and /tmp/ld.py). These are coherent with remediation but have side effects and require appropriate permissions and backups before running.
Install Mechanism
This is an instruction-only skill with no install spec; nothing is written to disk by an installer beyond the provided script. Low install-surface risk.
Credentials
No environment variables, credentials, or config paths are requested. The script uses npm and filesystem operations which are proportionate to checking and remediating a Node.js front-end project.
Persistence & Privilege
The skill does not request a persistent/always-on presence and does not modify other skills or system-wide agent configs. It runs on demand and requires no elevated platform privileges beyond what the user grants when executing the script.
Assessment
This script appears to do what it says, but it's intrusive: it will uninstall packages, remove node_modules and lockfiles, reinstall dependencies from the network, and delete specific files on the host. Before running: (1) review the script and its file-deletion list; (2) commit or back up your repository and lockfiles so you can revert; (3) consider running the detection lines manually first (npm list ...) to confirm findings; (4) run remediation in a safe environment (CI job, dev container, or isolated machine) if possible; (5) be aware that npm install will contact the registry to download packages and that using axios@latest may update to a different minor/major version — verify compatibility. If you need reduced-risk diagnosis, run only the checks and review results before allowing automated remediation.



