@lateos/npm-scan 0.16.0 → 0.16.5

package/backend/detectors/atk-007-typosquat.js

@@ -1,35 +1,35 @@
-const TOP_PKGS = ['lodash', 'react', 'express', 'axios', 'chalk', 'vue', 'typescript', 'moment', 'uuid', 'commander', 'debug', 'semver', 'underscore', 'request', 'async', 'cheerio', 'bluebird', 'jest', 'mocha', 'dotenv', 'glob', 'minimist', 'body-parser', 'cors', 'helmet', 'jsonwebtoken', 'socket.io', 'redis', 'mongoose', 'sequelize', 'pg', 'passport', 'nodemailer', 'multer', 'bcrypt', 'winston', 'luxon', 'dayjs', 'rxjs', 'redux'];
-
-function levenshtein(a, b) {
-  const m = a.length, n = b.length;
-  const d = Array.from({ length: m + 1 }, (_, i) => [i]);
-  for (let j = 0; j <= n; j++) d[0][j] = j;
-  for (let i = 1; i <= m; i++)
-    for (let j = 1; j <= n; j++)
-      d[i][j] = Math.min(d[i-1][j]+1, d[i][j-1]+1, d[i-1][j-1]+(a[i-1]===b[j-1]?0:1));
-  return d[m][n];
-}
-
-export async function scan(pkgJson) {
-  const findings = [];
-  const deps = { ...pkgJson.dependencies, ...pkgJson.devDependencies };
-  const names = Object.keys(deps);
-  if (names.length === 0) return findings;
-  for (const d of names) {
-    if (d.length < 4) continue;
-    for (const top of TOP_PKGS) {
-      const dist = levenshtein(d, top);
-      if (dist > 0 && dist <= 2 && d !== top) {
-        findings.push({
-          id: 'ATK-007',
-          severity: 'low',
-          title: 'Typosquatting suspect',
-          description: `"${d}" is edit-distance ${dist} from "${top}"`,
-          evidence: d
-        });
-        break;
-      }
-    }
-  }
-  return findings;
+const TOP_PKGS = ['lodash', 'react', 'express', 'axios', 'chalk', 'vue', 'typescript', 'moment', 'uuid', 'commander', 'debug', 'semver', 'underscore', 'request', 'async', 'cheerio', 'bluebird', 'jest', 'mocha', 'dotenv', 'glob', 'minimist', 'body-parser', 'cors', 'helmet', 'jsonwebtoken', 'socket.io', 'redis', 'mongoose', 'sequelize', 'pg', 'passport', 'nodemailer', 'multer', 'bcrypt', 'winston', 'luxon', 'dayjs', 'rxjs', 'redux'];
+
+function levenshtein(a, b) {
+  const m = a.length, n = b.length;
+  const d = Array.from({ length: m + 1 }, (_, i) => [i]);
+  for (let j = 0; j <= n; j++) d[0][j] = j;
+  for (let i = 1; i <= m; i++)
+    for (let j = 1; j <= n; j++)
+      d[i][j] = Math.min(d[i-1][j]+1, d[i][j-1]+1, d[i-1][j-1]+(a[i-1]===b[j-1]?0:1));
+  return d[m][n];
+}
+
+export async function scan(pkgJson) {
+  const findings = [];
+  const deps = { ...pkgJson.dependencies, ...pkgJson.devDependencies };
+  const names = Object.keys(deps);
+  if (names.length === 0) return findings;
+  for (const d of names) {
+    if (d.length < 4) continue;
+    for (const top of TOP_PKGS) {
+      const dist = levenshtein(d, top);
+      if (dist > 0 && dist <= 2 && d !== top) {
+        findings.push({
+          id: 'ATK-007',
+          severity: 'low',
+          title: 'Typosquatting suspect',
+          description: `"${d}" is edit-distance ${dist} from "${top}"`,
+          evidence: d
+        });
+        break;
+      }
+    }
+  }
+  return findings;
 }

package/backend/detectors/atk-008-tarball-tamper.js

@@ -1,91 +1,91 @@
-export async function scan(pkgJson, files = []) {
-  const findings = [];
-  const repo = pkgJson.repository || {};
-  const repoUrl = typeof repo === 'string' ? repo : (repo.url || '');
-  const pkgName = (pkgJson.name || '').toLowerCase();
-
-  const knownRepos = {
-    lodash: 'lodash/lodash',
-    chalk: 'chalk/chalk',
-    react: 'facebook/react',
-    axios: 'axios/axios',
-    express: 'expressjs/express',
-    vue: 'vuejs/core',
-    typescript: 'microsoft/typescript',
-    moment: 'moment/moment',
-    uuid: 'uuidjs/uuid',
-    commander: 'tj/commander.js',
-    debug: 'debug-js/debug',
-    semver: 'npm/node-semver',
-    underscore: 'jashkenas/underscore',
-    request: 'request/request',
-    async: 'caolan/async',
-    cheerio: 'cheeriojs/cheerio',
-    bluebird: 'petkaantonov/bluebird',
-    jest: 'jestjs/jest',
-    mocha: 'mochajs/mocha',
-    dotenv: 'motdotla/dotenv',
-    glob: 'isaacs/node-glob',
-  };
-
-  if (repoUrl && repoUrl.includes('github.com')) {
-    const repoMatch = repoUrl.match(/github\.com[\/:]([\w.-]+\/[\w.-]+?)(?:\.git)?$/);
-    if (repoMatch) {
-      const ghRepo = repoMatch[1].toLowerCase();
-      const ghName = ghRepo.split('/')[1];
-      const ghOrg = ghRepo.split('/')[0];
-      const shortName = pkgName.split('/').pop();
-
-      if (ghName !== shortName) {
-        const expectedRepo = knownRepos[pkgName] || knownRepos[shortName];
-
-        if (expectedRepo && expectedRepo !== ghRepo) {
-          findings.push({
-            id: 'ATK-008',
-            severity: 'high',
-            title: 'Tarball tampering suspect',
-            description: `Repository "${ghRepo}" does not match expected "${expectedRepo}" for package "${pkgName}"`,
-            evidence: `repo: ${ghRepo}, expected: ${expectedRepo}`
-          });
-        } else {
-          const orgExpected = knownRepos[shortName];
-          if (orgExpected) {
-            const expectedOrg = orgExpected.split('/')[0];
-            if (ghOrg !== expectedOrg) {
-              findings.push({
-                id: 'ATK-008',
-                severity: 'medium',
-                title: 'Tarball tampering suspect',
-                description: `Repository "${ghRepo}" is a different repo under a different org (legitimate: ${expectedRepo})`,
-                evidence: `org mismatch: ${ghOrg} vs ${expectedOrg}`
-              });
-            }
-          }
-        }
-      }
-    }
-  }
-
-  const code = files.map(f => f.content).join('\n');
-  const embeddedIntros = code.match(/\/\/\s*Source:\s*(https?:\/\/[^\s]+)/gi);
-  if (embeddedIntros && repoUrl) {
-    for (const intro of embeddedIntros) {
-      const srcUrl = intro.replace(/\/\/\s*Source:\s*/i, '').trim();
-      try {
-        if (!repoUrl.includes(new URL(srcUrl).hostname)) {
-          findings.push({
-            id: 'ATK-008',
-            severity: 'medium',
-            title: 'Tarball tampering suspect',
-            description: 'Source URL in file does not match declared repository',
-            evidence: srcUrl
-          });
-        }
-      } catch {
-        // ignore malformed URLs
-      }
-    }
-  }
-
-  return findings;
-}
+export async function scan(pkgJson, files = []) {
+  const findings = [];
+  const repo = pkgJson.repository || {};
+  const repoUrl = typeof repo === 'string' ? repo : (repo.url || '');
+  const pkgName = (pkgJson.name || '').toLowerCase();
+
+  const knownRepos = {
+    lodash: 'lodash/lodash',
+    chalk: 'chalk/chalk',
+    react: 'facebook/react',
+    axios: 'axios/axios',
+    express: 'expressjs/express',
+    vue: 'vuejs/core',
+    typescript: 'microsoft/typescript',
+    moment: 'moment/moment',
+    uuid: 'uuidjs/uuid',
+    commander: 'tj/commander.js',
+    debug: 'debug-js/debug',
+    semver: 'npm/node-semver',
+    underscore: 'jashkenas/underscore',
+    request: 'request/request',
+    async: 'caolan/async',
+    cheerio: 'cheeriojs/cheerio',
+    bluebird: 'petkaantonov/bluebird',
+    jest: 'jestjs/jest',
+    mocha: 'mochajs/mocha',
+    dotenv: 'motdotla/dotenv',
+    glob: 'isaacs/node-glob',
+  };
+
+  if (repoUrl && repoUrl.includes('github.com')) {
+    const repoMatch = repoUrl.match(/github\.com[\/:]([\w.-]+\/[\w.-]+?)(?:\.git)?$/);
+    if (repoMatch) {
+      const ghRepo = repoMatch[1].toLowerCase();
+      const ghName = ghRepo.split('/')[1];
+      const ghOrg = ghRepo.split('/')[0];
+      const shortName = pkgName.split('/').pop();
+
+      if (ghName !== shortName) {
+        const expectedRepo = knownRepos[pkgName] || knownRepos[shortName];
+
+        if (expectedRepo && expectedRepo !== ghRepo) {
+          findings.push({
+            id: 'ATK-008',
+            severity: 'high',
+            title: 'Tarball tampering suspect',
+            description: `Repository "${ghRepo}" does not match expected "${expectedRepo}" for package "${pkgName}"`,
+            evidence: `repo: ${ghRepo}, expected: ${expectedRepo}`
+          });
+        } else {
+          const orgExpected = knownRepos[shortName];
+          if (orgExpected) {
+            const expectedOrg = orgExpected.split('/')[0];
+            if (ghOrg !== expectedOrg) {
+              findings.push({
+                id: 'ATK-008',
+                severity: 'medium',
+                title: 'Tarball tampering suspect',
+                description: `Repository "${ghRepo}" is a different repo under a different org (legitimate: ${expectedRepo})`,
+                evidence: `org mismatch: ${ghOrg} vs ${expectedOrg}`
+              });
+            }
+          }
+        }
+      }
+    }
+  }
+
+  const code = files.map(f => f.content).join('\n');
+  const embeddedIntros = code.match(/\/\/\s*Source:\s*(https?:\/\/[^\s]+)/gi);
+  if (embeddedIntros && repoUrl) {
+    for (const intro of embeddedIntros) {
+      const srcUrl = intro.replace(/\/\/\s*Source:\s*/i, '').trim();
+      try {
+        if (!repoUrl.includes(new URL(srcUrl).hostname)) {
+          findings.push({
+            id: 'ATK-008',
+            severity: 'medium',
+            title: 'Tarball tampering suspect',
+            description: 'Source URL in file does not match declared repository',
+            evidence: srcUrl
+          });
+        }
+      } catch {
+        // ignore malformed URLs
+      }
+    }
+  }
+
+  return findings;
+}

package/backend/detectors/atk-009-dormant-trigger.js

@@ -1,62 +1,62 @@
-export async function scan(pkgJson, files = []) {
-  const findings = [];
-  const code = files.map(f => f.content).join('\n');
-
-  const ciPatterns = [
-    { pattern: /process\.env\.CI\b/, label: 'CI env check' },
-    { pattern: /process\.env\.(TRAVIS|CIRCLECI|GITHUB_ACTIONS|JENKINS|GITLAB_CI|CODEBUILD)/, label: 'CI platform check' },
-    { pattern: /\bisCI\b/, label: 'isCI utility check' },
-  ];
-
-  for (const { pattern, label } of ciPatterns) {
-    if (pattern.test(code)) {
-      findings.push({
-        id: 'ATK-009',
-        severity: 'high',
-        title: 'Conditional trigger (CI/production env)',
-        description: `Package checks for CI or production environment: ${label}`,
-        evidence: 'conditional trigger detected'
-      });
-      break;
-    }
-  }
-
-  const suspiciousCode = /\beval\(|atob\(|btoa\(|new Function\(|child_process\b|\.exec\(|spawn\(/;
-  const suspiciousNetwork = /\.fetch\(|http\.request\(|https\.request\(|dns\.lookup\(/;
-  const suspiciousEnv = /process\.env\.(?!NODE_ENV)[A-Z_]{4,}/;
-  const hasSuspicious = suspiciousCode.test(code) || suspiciousNetwork.test(code) || suspiciousEnv.test(code);
-
-  const timePatterns = [
-    {
-      pattern: /new Date\(\)\s*[><=!]+\s*new Date\(['"]\d{4}/,
-      label: 'time-based activation',
-    },
-    {
-      pattern: /\bDate\.now\(\)\s*[><=!]+.*(?:eval|fetch|exec|write|crypto|env\.CI)/i,
-      label: 'timestamp check with suspicious behavior',
-    },
-    {
-      pattern: /\bsetTimeout\s*\([^)]*,\s*(?!0\b)[1-9]\d{3,}/,
-      label: 'long-delay execution (>1000ms)',
-    },
-    {
-      pattern: /\bDate\(\)\b.*(?:exec|eval|fetch|write|crypto)/i,
-      label: 'date check with suspicious behavior',
-    },
-  ];
-
-  for (const { pattern, label } of timePatterns) {
-    if (pattern.test(code)) {
-      findings.push({
-        id: 'ATK-009',
-        severity: hasSuspicious ? 'high' : 'medium',
-        title: 'Conditional trigger (time-based)',
-        description: `Package uses ${label}`,
-        evidence: `${label}${hasSuspicious ? ' — elevated (suspicious context: eval/network/exec detected)' : ''}`
-      });
-      break;
-    }
-  }
-
-  return findings;
-}
+export async function scan(pkgJson, files = []) {
+  const findings = [];
+  const code = files.map(f => f.content).join('\n');
+
+  const ciPatterns = [
+    { pattern: /process\.env\.CI\b/, label: 'CI env check' },
+    { pattern: /process\.env\.(TRAVIS|CIRCLECI|GITHUB_ACTIONS|JENKINS|GITLAB_CI|CODEBUILD)/, label: 'CI platform check' },
+    { pattern: /\bisCI\b/, label: 'isCI utility check' },
+  ];
+
+  for (const { pattern, label } of ciPatterns) {
+    if (pattern.test(code)) {
+      findings.push({
+        id: 'ATK-009',
+        severity: 'high',
+        title: 'Conditional trigger (CI/production env)',
+        description: `Package checks for CI or production environment: ${label}`,
+        evidence: 'conditional trigger detected'
+      });
+      break;
+    }
+  }
+
+  const suspiciousCode = /\beval\(|atob\(|btoa\(|new Function\(|child_process\b|\.exec\(|spawn\(/;
+  const suspiciousNetwork = /\.fetch\(|http\.request\(|https\.request\(|dns\.lookup\(/;
+  const suspiciousEnv = /process\.env\.(?!NODE_ENV)[A-Z_]{4,}/;
+  const hasSuspicious = suspiciousCode.test(code) || suspiciousNetwork.test(code) || suspiciousEnv.test(code);
+
+  const timePatterns = [
+    {
+      pattern: /new Date\(\)\s*[><=!]+\s*new Date\(['"]\d{4}/,
+      label: 'time-based activation',
+    },
+    {
+      pattern: /\bDate\.now\(\)\s*[><=!]+.*(?:eval|fetch|exec|write|crypto|env\.CI)/i,
+      label: 'timestamp check with suspicious behavior',
+    },
+    {
+      pattern: /\bsetTimeout\s*\([^)]*,\s*(?!0\b)[1-9]\d{3,}/,
+      label: 'long-delay execution (>1000ms)',
+    },
+    {
+      pattern: /\bDate\(\)\b.*(?:exec|eval|fetch|write|crypto)/i,
+      label: 'date check with suspicious behavior',
+    },
+  ];
+
+  for (const { pattern, label } of timePatterns) {
+    if (pattern.test(code)) {
+      findings.push({
+        id: 'ATK-009',
+        severity: hasSuspicious ? 'high' : 'medium',
+        title: 'Conditional trigger (time-based)',
+        description: `Package uses ${label}`,
+        evidence: `${label}${hasSuspicious ? ' — elevated (suspicious context: eval/network/exec detected)' : ''}`
+      });
+      break;
+    }
+  }
+
+  return findings;
+}

package/backend/detectors/atk-010-sandbox-evasion.js

@@ -1,51 +1,51 @@
-export async function scan(pkgJson, files = []) {
-  const findings = [];
-  const code = files.map(f => f.content).join('\n');
-
-  const highPatterns = [
-    { pattern: /\bdebugger\s*;?(\s*\/\/|\s*$|\)|\])/m, label: 'debugger statement' },
-    { pattern: /process\.argv.*['"]--inspect['"]|process\.argv.*\binspect\b(?!.*argv)/, label: 'inspect/debug flag detection' },
-    { pattern: /hostname.*(?:docker|sandbox|container|vmware|vbox)/i, label: 'anti-sandbox hostname check' },
-    { pattern: /detect.*(?:sandbox|debugger|analysis|virtual)/i, label: 'explicit evasion probe' },
-    { pattern: /e\.stack\b.*(?:sandbox|docker|container|vmware)/i, label: 'stack trace sandbox probe' },
-  ];
-
-  for (const { pattern, label } of highPatterns) {
-    if (pattern.test(code)) {
-      findings.push({
-        id: 'ATK-010',
-        severity: 'high',
-        title: 'Sandbox evasion / anti-analysis',
-        description: `Package performs anti-analysis behavior: ${label}`,
-        evidence: 'evasion pattern detected'
-      });
-      break;
-    }
-  }
-
-  if (findings.length === 0) {
-    const multiApi = ['process.pid', 'process.ppid', 'os.hostname', 'os.cpus', 'process.arch'].filter(api => code.includes(api));
-    if (multiApi.length >= 3) {
-      findings.push({
-        id: 'ATK-010',
-        severity: 'medium',
-        title: 'Sandbox evasion / anti-analysis',
-        description: 'Multiple system fingerprinting APIs detected',
-        evidence: `${multiApi.length} fingerprinting APIs: ${multiApi.join(', ')}`
-      });
-    }
-  }
-
-  const multiStack = ['Error().stack', 'new Error().stack'].filter(s => code.includes(s));
-  if (multiStack.length > 0 && /atob|eval|execSync|spawn|child_process/.test(code)) {
-    findings.push({
-      id: 'ATK-010',
-      severity: 'medium',
-      title: 'Sandbox evasion / anti-analysis',
-      description: 'Stack trace capture combined with code execution',
-      evidence: 'stack trace + execution'
-    });
-  }
-
-  return findings;
+export async function scan(pkgJson, files = []) {
+  const findings = [];
+  const code = files.map(f => f.content).join('\n');
+
+  const highPatterns = [
+    { pattern: /\bdebugger\s*;?(\s*\/\/|\s*$|\)|\])/m, label: 'debugger statement' },
+    { pattern: /process\.argv.*['"]--inspect['"]|process\.argv.*\binspect\b(?!.*argv)/, label: 'inspect/debug flag detection' },
+    { pattern: /hostname.*(?:docker|sandbox|container|vmware|vbox)/i, label: 'anti-sandbox hostname check' },
+    { pattern: /detect.*(?:sandbox|debugger|analysis|virtual)/i, label: 'explicit evasion probe' },
+    { pattern: /e\.stack\b.*(?:sandbox|docker|container|vmware)/i, label: 'stack trace sandbox probe' },
+  ];
+
+  for (const { pattern, label } of highPatterns) {
+    if (pattern.test(code)) {
+      findings.push({
+        id: 'ATK-010',
+        severity: 'high',
+        title: 'Sandbox evasion / anti-analysis',
+        description: `Package performs anti-analysis behavior: ${label}`,
+        evidence: 'evasion pattern detected'
+      });
+      break;
+    }
+  }
+
+  if (findings.length === 0) {
+    const multiApi = ['process.pid', 'process.ppid', 'os.hostname', 'os.cpus', 'process.arch'].filter(api => code.includes(api));
+    if (multiApi.length >= 3) {
+      findings.push({
+        id: 'ATK-010',
+        severity: 'medium',
+        title: 'Sandbox evasion / anti-analysis',
+        description: 'Multiple system fingerprinting APIs detected',
+        evidence: `${multiApi.length} fingerprinting APIs: ${multiApi.join(', ')}`
+      });
+    }
+  }
+
+  const multiStack = ['Error().stack', 'new Error().stack'].filter(s => code.includes(s));
+  if (multiStack.length > 0 && /atob|eval|execSync|spawn|child_process/.test(code)) {
+    findings.push({
+      id: 'ATK-010',
+      severity: 'medium',
+      title: 'Sandbox evasion / anti-analysis',
+      description: 'Stack trace capture combined with code execution',
+      evidence: 'stack trace + execution'
+    });
+  }
+
+  return findings;
 }

package/backend/detectors/atk-011-transitive-prop.js

@@ -1,76 +1,76 @@
-export async function scan(pkgJson, files = []) {
-  const findings = [];
-  const code = files.map(f => f.content).join('\n');
-
-  const highPatterns = [
-    {
-      pattern: /(?:exec|execSync|spawn)\s*\([^)]*npm\s+(?:install|link)\s*\./i,
-      label: 'programmatic self-propagation via npm install/link'
-    },
-    {
-      pattern: /fs\.(?:writeFile|writeFileSync|copyFile|copyFileSync)\s*\([^)]*(?:node_modules\/(?!\.)[^/]+).*(?:index\.js|main\.js|package\.json)/i,
-      label: 'direct file write to peer node_modules'
-    },
-    {
-      pattern: /fs\.(?:writeFile|writeFileSync)\s*\([^)]*package\.json[^)]*["']scripts["']/i,
-      label: 'package.json script injection in another package'
-    },
-    {
-      pattern: /fs\.(?:writeFile|writeFileSync)\s*\([^)]*\.\.\/[^)]*package\.json/i,
-      label: 'writes modified package.json to sibling package'
-    },
-    {
-      pattern: /(?:exec|execSync|spawn)\s*\([^)]*(?:\.\.\/|process\.env\.INIT_CWD).*npm\s+install/i,
-      label: 'cross-directory npm install propagation'
-    },
-  ];
-
-  for (const { pattern, label } of highPatterns) {
-    if (pattern.test(code)) {
-      findings.push({
-        id: 'ATK-011',
-        severity: 'high',
-        title: 'Transitive propagation (worm)',
-        description: `Package attempts lateral worm-style spread: ${label}`,
-        evidence: 'transitive propagation pattern detected'
-      });
-      break;
-    }
-  }
-
-  if (findings.length === 0) {
-    const mediumPatterns = [
-      {
-        pattern: /process\.env\.npm_package_name/,
-        label: 'reads own package name from env (self-awareness indicator)'
-      },
-      {
-        pattern: /fs\.symlink(?:Sync)?\s*\([^)]*node_modules/,
-        label: 'creates symlinks in node_modules (worm spreading mechanism)'
-      },
-      {
-        pattern: /fs\.(?:mkdir|mkdirSync)\s*\([^)]*\.\.\/[^)]*node_modules/,
-        label: 'creates directories in parent node_modules'
-      },
-      {
-        pattern: /__dirname.*\.\.\/[^/]+\/node_modules.*require\(/,
-        label: 'dynamic parent-node_modules require for lateral spread'
-      },
-    ];
-
-    for (const { pattern, label } of mediumPatterns) {
-      if (pattern.test(code)) {
-        findings.push({
-          id: 'ATK-011',
-          severity: 'medium',
-          title: 'Transitive propagation (worm)',
-          description: label,
-          evidence: 'potential propagation indicator'
-        });
-        break;
-      }
-    }
-  }
-
-  return findings;
-}
+export async function scan(pkgJson, files = []) {
+  const findings = [];
+  const code = files.map(f => f.content).join('\n');
+
+  const highPatterns = [
+    {
+      pattern: /(?:exec|execSync|spawn)\s*\([^)]*npm\s+(?:install|link)\s*\./i,
+      label: 'programmatic self-propagation via npm install/link'
+    },
+    {
+      pattern: /fs\.(?:writeFile|writeFileSync|copyFile|copyFileSync)\s*\([^)]*(?:node_modules\/(?!\.)[^/]+).*(?:index\.js|main\.js|package\.json)/i,
+      label: 'direct file write to peer node_modules'
+    },
+    {
+      pattern: /fs\.(?:writeFile|writeFileSync)\s*\([^)]*package\.json[^)]*["']scripts["']/i,
+      label: 'package.json script injection in another package'
+    },
+    {
+      pattern: /fs\.(?:writeFile|writeFileSync)\s*\([^)]*\.\.\/[^)]*package\.json/i,
+      label: 'writes modified package.json to sibling package'
+    },
+    {
+      pattern: /(?:exec|execSync|spawn)\s*\([^)]*(?:\.\.\/|process\.env\.INIT_CWD).*npm\s+install/i,
+      label: 'cross-directory npm install propagation'
+    },
+  ];
+
+  for (const { pattern, label } of highPatterns) {
+    if (pattern.test(code)) {
+      findings.push({
+        id: 'ATK-011',
+        severity: 'high',
+        title: 'Transitive propagation (worm)',
+        description: `Package attempts lateral worm-style spread: ${label}`,
+        evidence: 'transitive propagation pattern detected'
+      });
+      break;
+    }
+  }
+
+  if (findings.length === 0) {
+    const mediumPatterns = [
+      {
+        pattern: /process\.env\.npm_package_name/,
+        label: 'reads own package name from env (self-awareness indicator)'
+      },
+      {
+        pattern: /fs\.symlink(?:Sync)?\s*\([^)]*node_modules/,
+        label: 'creates symlinks in node_modules (worm spreading mechanism)'
+      },
+      {
+        pattern: /fs\.(?:mkdir|mkdirSync)\s*\([^)]*\.\.\/[^)]*node_modules/,
+        label: 'creates directories in parent node_modules'
+      },
+      {
+        pattern: /__dirname.*\.\.\/[^/]+\/node_modules.*require\(/,
+        label: 'dynamic parent-node_modules require for lateral spread'
+      },
+    ];
+
+    for (const { pattern, label } of mediumPatterns) {
+      if (pattern.test(code)) {
+        findings.push({
+          id: 'ATK-011',
+          severity: 'medium',
+          title: 'Transitive propagation (worm)',
+          description: label,
+          evidence: 'potential propagation indicator'
+        });
+        break;
+      }
+    }
+  }
+
+  return findings;
+}

package/backend/detectors/axios-poisoning/d1-version-fingerprint.js

@@ -0,0 +1,24 @@
+const BLOCKED_VERSIONS = new Map([
+  ['axios', ['1.14.1', '0.30.4']],
+]);
+
+export function scanVersionBlocklist(pkgJson) {
+  const pkgName = pkgJson?.name || '';
+  const pkgVersion = pkgJson?.version || '';
+
+  const blocked = BLOCKED_VERSIONS.get(pkgName);
+  if (!blocked) return { triggered: false, stopCondition: false, matchedVersion: null };
+
+  if (blocked.includes(pkgVersion)) {
+    return {
+      triggered: true,
+      stopCondition: true,
+      matchedVersion: pkgVersion,
+      reason: `Known compromised version in registry poisoning campaign`,
+    };
+  }
+
+  return { triggered: false, stopCondition: false, matchedVersion: null };
+}
+
+export { BLOCKED_VERSIONS };