muaddib-scanner 2.4.0 → 2.4.2

package/bin/muaddib.js

@@ -620,13 +620,14 @@ if (command === 'version' || command === '--version' || command === '-v') {
   const packageName = sandboxOpts[0];
   const strict = options.includes('--strict');
   const canary = !options.includes('--no-canary');
+  const local = options.includes('--local');
   if (!packageName) {
-    console.log('Usage: muaddib sandbox <package-name> [--strict] [--no-canary]');
+    console.log('Usage: muaddib sandbox <package-name|path> [--local] [--strict] [--no-canary]');
     process.exit(1);
   }
 
   buildSandboxImage()
-    .then(() => runSandbox(packageName, { strict, canary }))
+    .then(() => runSandbox(packageName, { strict, canary, local }))
     .then((results) => {
       process.exit(results.suspicious ? 1 : 0);
     })
@@ -639,13 +640,14 @@ if (command === 'version' || command === '--version' || command === '-v') {
   const packageName = sandboxOpts[0];
   const strict = options.includes('--strict');
   const canary = !options.includes('--no-canary');
+  const local = options.includes('--local');
   if (!packageName) {
-    console.log('Usage: muaddib sandbox-report <package-name> [--strict] [--no-canary]');
+    console.log('Usage: muaddib sandbox-report <package-name|path> [--local] [--strict] [--no-canary]');
     process.exit(1);
   }
 
   buildSandboxImage()
-    .then(() => runSandbox(packageName, { strict, canary }))
+    .then(() => runSandbox(packageName, { strict, canary, local }))
     .then((results) => {
       if (results.raw_report) {
         console.log(generateNetworkReport(results.raw_report));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "muaddib-scanner",
-  "version": "2.4.0",
+  "version": "2.4.2",
   "description": "Supply-chain threat detection & response for npm & PyPI/Python",
   "main": "src/index.js",
   "bin": {

package/src/response/playbooks.js

@@ -382,6 +382,11 @@ const PLAYBOOKS = {
     'Acces a 3+ cles API de providers LLM (OpenAI, Anthropic, Google, etc.). Usage unique = legitime, ' +
     'acces multiples = collecte pour revente ou abus. Verifier si le package a une raison ' +
     'legitime d\'acceder a plusieurs providers. Revoquer les cles exposees si necessaire.',
+
+  suspicious_domain:
+    'Domaine C2 ou d\'exfiltration detecte dans le code source. Ces domaines (oastify.com, webhook.site, ngrok.io, etc.) ' +
+    'sont utilises pour recevoir des donnees volees ou relayer des commandes. Verifier si le package a une raison ' +
+    'legitime d\'utiliser ce domaine. Bloquer les connexions sortantes vers ce domaine.',
 };
 
 function getPlaybook(threatType) {

package/src/rules/index.js

@@ -1090,6 +1090,19 @@ const RULES = {
     ],
     mitre: 'T1552.001'
   },
+
+  suspicious_domain: {
+    id: 'MUADDIB-AST-032',
+    name: 'Suspicious C2/Exfiltration Domain',
+    severity: 'HIGH',
+    confidence: 'high',
+    description: 'Domaine C2 ou d\'exfiltration detecte dans le code (oastify.com, burpcollaborator.net, webhook.site, ngrok.io, etc.). Ces domaines sont utilises pour recevoir des donnees volees ou comme relais de commande.',
+    references: [
+      'https://attack.mitre.org/techniques/T1071/001/',
+      'https://portswigger.net/burp/documentation/collaborator'
+    ],
+    mitre: 'T1071.001'
+  },
 };
 
 function getRule(type) {

package/src/sandbox.js

@@ -1,5 +1,6 @@
 const { execSync, execFileSync, spawn } = require('child_process');
 const crypto = require('crypto');
+const fs = require('fs');
 const path = require('path');
 const {
   generateCanaryTokens,
@@ -125,18 +126,40 @@ async function buildSandboxImage() {
 async function runSandbox(packageName, options = {}) {
   const cleanResult = { score: 0, severity: 'CLEAN', findings: [], raw_report: null, suspicious: false };
 
-  if (!isDockerAvailable()) {
-    console.log('[SANDBOX] Docker is not installed or not running. Skipping.');
-    return cleanResult;
-  }
-
   const strict = options.strict || false;
   const canaryEnabled = options.canary !== false; // enabled by default
+  const local = options.local || false;
   const mode = strict ? 'strict' : 'permissive';
 
-  // Validate package name before passing to container
-  if (!NPM_PACKAGE_REGEX.test(packageName)) {
-    console.log('[SANDBOX] Invalid package name: ' + packageName);
+  // Validate inputs before checking Docker availability
+  let localAbsPath = null;
+  let displayName = packageName;
+
+  if (local) {
+    localAbsPath = path.resolve(packageName);
+    if (!fs.existsSync(localAbsPath)) {
+      console.log('[SANDBOX] Local path does not exist: ' + localAbsPath);
+      return cleanResult;
+    }
+    // Read package name for display
+    const pkgJsonPath = path.join(localAbsPath, 'package.json');
+    if (fs.existsSync(pkgJsonPath)) {
+      try {
+        const pkg = JSON.parse(fs.readFileSync(pkgJsonPath, 'utf8'));
+        displayName = pkg.name || path.basename(localAbsPath);
+      } catch { displayName = path.basename(localAbsPath); }
+    } else {
+      displayName = path.basename(localAbsPath);
+    }
+  } else {
+    if (!NPM_PACKAGE_REGEX.test(packageName)) {
+      console.log('[SANDBOX] Invalid package name: ' + packageName);
+      return cleanResult;
+    }
+  }
+
+  if (!isDockerAvailable()) {
+    console.log('[SANDBOX] Docker is not installed or not running. Skipping.');
     return cleanResult;
   }
 
@@ -147,7 +170,7 @@ async function runSandbox(packageName, options = {}) {
     canaryTokens = canary.tokens;
   }
 
-  console.log(`[SANDBOX] Analyzing "${packageName}" in isolated container (mode: ${mode}${canaryEnabled ? ', canary: on' : ''})...`);
+  console.log(`[SANDBOX] Analyzing "${displayName}" in isolated container (mode: ${mode}${canaryEnabled ? ', canary: on' : ''}${local ? ', local' : ''})...`);
 
   return new Promise((resolve) => {
     let stdout = '';
@@ -190,8 +213,13 @@ async function runSandbox(packageName, options = {}) {
     dockerArgs.push('--read-only');
 
     dockerArgs.push('--security-opt', 'no-new-privileges');
+
+    if (local) {
+      dockerArgs.push('-v', `${localAbsPath}:/sandbox/local-pkg:ro`);
+    }
+
     dockerArgs.push(DOCKER_IMAGE);
-    dockerArgs.push(packageName);
+    dockerArgs.push(local ? '/sandbox/local-pkg' : packageName);
     dockerArgs.push(mode);
 
     const proc = spawn('docker', dockerArgs);
@@ -262,6 +290,9 @@ async function runSandbox(packageName, options = {}) {
           jsonStr = stdout.substring(jsonStart, jsonEnd + 1);
         }
         report = JSON.parse(jsonStr);
+        if (local && report) {
+          report.package = displayName;
+        }
       } catch (e) {
         console.log('[SANDBOX] Failed to parse container output:', e.message);
         resolve(cleanResult);
@@ -351,8 +382,9 @@ function detectStaticCanaryExfiltration(report) {
   for (const file of (report.filesystem?.created || [])) if (file) searchable.push(file);
   for (const proc of (report.processes?.spawned || [])) if (proc.command) searchable.push(proc.command);
 
-  // Install output
+  // Install + entrypoint output
   if (report.install_output) searchable.push(report.install_output);
+  if (report.entrypoint_output) searchable.push(report.entrypoint_output);
 
   const allOutput = searchable.join('\n');
 

package/src/scanner/ast-detectors.js

@@ -102,6 +102,18 @@ const GIT_HOOKS = [
   'pre-rebase', 'post-rewrite', 'pre-auto-gc'
 ];
 
+// Suspicious C2/exfiltration domains (HIGH severity)
+const SUSPICIOUS_DOMAINS_HIGH = [
+  'oastify.com', 'oast.fun', 'oast.me', 'oast.live',
+  'burpcollaborator.net', 'webhook.site', 'pipedream.net',
+  'requestbin.com', 'hookbin.com', 'canarytokens.com'
+];
+
+// Suspicious tunnel/proxy domains (MEDIUM severity)
+const SUSPICIOUS_DOMAINS_MEDIUM = [
+  'ngrok.io', 'ngrok-free.app', 'serveo.net', 'localhost.run', 'loca.lt'
+];
+
 // LLM API key environment variable names (3+ = harvesting)
 const LLM_API_KEY_VARS = [
   'OPENAI_API_KEY', 'ANTHROPIC_API_KEY', 'GOOGLE_API_KEY',
@@ -945,6 +957,31 @@ function handleLiteral(node, ctx) {
         });
       }
     }
+
+    // Detect suspicious C2/exfiltration domains in string literals
+    const lowerVal = node.value.toLowerCase();
+    for (const domain of SUSPICIOUS_DOMAINS_HIGH) {
+      if (lowerVal.includes(domain)) {
+        ctx.threats.push({
+          type: 'suspicious_domain',
+          severity: 'HIGH',
+          message: `Suspicious C2/exfiltration domain "${domain}" found in string literal.`,
+          file: ctx.relFile
+        });
+        break;
+      }
+    }
+    for (const domain of SUSPICIOUS_DOMAINS_MEDIUM) {
+      if (lowerVal.includes(domain)) {
+        ctx.threats.push({
+          type: 'suspicious_domain',
+          severity: 'MEDIUM',
+          message: `Suspicious tunnel/proxy domain "${domain}" found in string literal.`,
+          file: ctx.relFile
+        });
+        break;
+      }
+    }
   }
 }
 

package/src/scanner/dataflow.js

@@ -6,6 +6,108 @@ const { getCallName } = require('../utils.js');
 const { ACORN_OPTIONS, safeParse } = require('../shared/constants.js');
 const { analyzeWithDeobfuscation } = require('../shared/analyze-helper.js');
 
+// Module classification maps for intra-file taint tracking
+const MODULE_SOURCE_METHODS = {
+  os: {
+    homedir: 'fingerprint_read', hostname: 'fingerprint_read',
+    networkInterfaces: 'fingerprint_read', userInfo: 'fingerprint_read',
+    platform: 'telemetry_read', arch: 'telemetry_read'
+  },
+  fs: {
+    readFileSync: 'credential_read', readFile: 'credential_read',
+    readdirSync: 'credential_read', readdir: 'credential_read'
+  },
+  child_process: {
+    exec: 'command_output', execSync: 'command_output',
+    spawn: 'command_output', spawnSync: 'command_output'
+  }
+};
+
+const MODULE_SINK_METHODS = {
+  child_process: { exec: 'exec_sink', execSync: 'exec_sink', spawn: 'exec_sink' },
+  http: { request: 'network_send', get: 'network_send' },
+  https: { request: 'network_send', get: 'network_send' },
+  net: { connect: 'network_send', createConnection: 'network_send' },
+  tls: { connect: 'network_send', createConnection: 'network_send' },
+  dns: { resolve: 'network_send', lookup: 'network_send', resolve4: 'network_send', resolve6: 'network_send', resolveTxt: 'network_send' },
+  fs: { writeFileSync: 'file_tamper', writeFile: 'file_tamper' }
+};
+
+// All tracked module names (for filtering in buildTaintMap)
+const TRACKED_MODULES = new Set([
+  ...Object.keys(MODULE_SOURCE_METHODS),
+  ...Object.keys(MODULE_SINK_METHODS)
+]);
+
+// Methods that execute commands — used for exec result capture detection
+const EXEC_METHODS = new Set(['exec', 'execSync', 'spawn', 'spawnSync']);
+
+/**
+ * Pre-pass: builds a taint map from require() assignments.
+ * Maps variable names to { source: moduleName, detail: 'module.method' }
+ * Only tracks modules in MODULE_SOURCE_METHODS or MODULE_SINK_METHODS.
+ */
+function buildTaintMap(ast) {
+  const taintMap = new Map();
+
+  walk.simple(ast, {
+    VariableDeclarator(node) {
+      if (!node.init) return;
+
+      // Pattern: const x = require("os")
+      if (node.id.type === 'Identifier' && node.init.type === 'CallExpression') {
+        const callee = node.init.callee;
+        if (callee.type === 'Identifier' && callee.name === 'require' && node.init.arguments.length > 0) {
+          const arg = node.init.arguments[0];
+          if (arg.type === 'Literal' && typeof arg.value === 'string' && TRACKED_MODULES.has(arg.value)) {
+            taintMap.set(node.id.name, { source: arg.value, detail: arg.value });
+          }
+        }
+      }
+
+      // Pattern: const { exec, spawn } = require("child_process")
+      if (node.id.type === 'ObjectPattern' && node.init.type === 'CallExpression') {
+        const callee = node.init.callee;
+        if (callee.type === 'Identifier' && callee.name === 'require' && node.init.arguments.length > 0) {
+          const arg = node.init.arguments[0];
+          if (arg.type === 'Literal' && typeof arg.value === 'string' && TRACKED_MODULES.has(arg.value)) {
+            for (const prop of node.id.properties) {
+              if (prop.type === 'Property' && prop.value?.type === 'Identifier') {
+                const methodName = prop.key?.type === 'Identifier' ? prop.key.name : (prop.key?.value || '');
+                taintMap.set(prop.value.name, { source: arg.value, detail: `${arg.value}.${methodName}` });
+              }
+            }
+          }
+        }
+      }
+
+      // Pattern: const e = process.env
+      if (node.id.type === 'Identifier' && node.init.type === 'MemberExpression') {
+        const obj = node.init.object;
+        const prop = node.init.property;
+        if (obj?.type === 'Identifier' && obj.name === 'process' &&
+            prop?.type === 'Identifier' && prop.name === 'env') {
+          taintMap.set(node.id.name, { source: 'process.env', detail: 'process.env' });
+        }
+      }
+
+      // Pattern: const h = x.homedir where x is tainted as "os"
+      if (node.id.type === 'Identifier' && node.init.type === 'MemberExpression') {
+        const obj = node.init.object;
+        const prop = node.init.property;
+        if (obj?.type === 'Identifier' && prop?.type === 'Identifier') {
+          const parentTaint = taintMap.get(obj.name);
+          if (parentTaint && TRACKED_MODULES.has(parentTaint.source)) {
+            taintMap.set(node.id.name, { source: parentTaint.source, detail: `${parentTaint.source}.${prop.name}` });
+          }
+        }
+      }
+    }
+  });
+
+  return taintMap;
+}
+
 async function analyzeDataFlow(targetPath, options = {}) {
   return analyzeWithDeobfuscation(targetPath, analyzeFile, {
     deobfuscate: options.deobfuscate
@@ -28,6 +130,12 @@ function analyzeFile(content, filePath, basePath) {
   // Track variables assigned from sensitive path expressions
   const sensitivePathVars = new Set();
 
+  // Build taint map for aliased require tracking
+  const taintMap = buildTaintMap(ast);
+
+  // Track exec calls whose result is captured (for command_output source detection)
+  const execResultNodes = new Set();
+
   walk.simple(ast, {
     VariableDeclarator(node) {
       if (node.id?.type === 'Identifier' && node.init) {
@@ -48,6 +156,34 @@ function analyzeFile(content, filePath, basePath) {
             }
           }
         }
+        // Track exec result capture: const output = execSync('cmd')
+        if (node.init.type === 'CallExpression') {
+          let execName = null;
+          const initCallee = node.init.callee;
+          if (initCallee?.type === 'Identifier' && EXEC_METHODS.has(initCallee.name)) {
+            const taint = taintMap.get(initCallee.name);
+            if (taint && taint.source === 'child_process') {
+              execName = taint.detail;
+            }
+          } else if (initCallee?.type === 'MemberExpression' &&
+                     initCallee.object?.type === 'Identifier' &&
+                     initCallee.property?.type === 'Identifier' &&
+                     EXEC_METHODS.has(initCallee.property.name)) {
+            const taint = taintMap.get(initCallee.object.name);
+            if (taint && taint.source === 'child_process') {
+              execName = `child_process.${initCallee.property.name}`;
+            }
+          }
+          if (execName) {
+            execResultNodes.add(node.init);
+            sources.push({
+              type: 'command_output',
+              name: execName,
+              line: node.loc?.start?.line,
+              taint_tracked: true
+            });
+          }
+        }
       }
     },
 
@@ -163,6 +299,94 @@ function analyzeFile(content, filePath, basePath) {
         }
       }
 
+      // Taint resolution: aliased module calls (e.g., const myOs = require("os"); myOs.homedir())
+      if (node.callee.type === 'MemberExpression') {
+        const obj = node.callee.object;
+        const prop = node.callee.property;
+        if (obj?.type === 'Identifier' && prop?.type === 'Identifier') {
+          const taint = taintMap.get(obj.name);
+          // Dedup guard: skip when varName === moduleName (already handled by hard-coded checks above)
+          if (taint && obj.name !== taint.source) {
+            const moduleName = taint.source;
+            const methodName = prop.name;
+            // Check source methods (skip command_output — handled by VariableDeclarator capture)
+            const sourceMethods = MODULE_SOURCE_METHODS[moduleName];
+            if (sourceMethods && sourceMethods[methodName] && sourceMethods[methodName] !== 'command_output') {
+              sources.push({
+                type: sourceMethods[methodName],
+                name: `${moduleName}.${methodName}`,
+                line: node.loc?.start?.line,
+                taint_tracked: true
+              });
+            }
+            // Check sink methods
+            const sinkMethods = MODULE_SINK_METHODS[moduleName];
+            if (sinkMethods && sinkMethods[methodName]) {
+              sinks.push({
+                type: sinkMethods[methodName],
+                name: `${moduleName}.${methodName}`,
+                line: node.loc?.start?.line,
+                taint_tracked: true
+              });
+            }
+          }
+        }
+      }
+
+      // Taint resolution: bare destructured calls (e.g., const { exec } = require("child_process"); exec("cmd"))
+      if (node.callee.type === 'Identifier') {
+        const taint = taintMap.get(node.callee.name);
+        if (taint && taint.detail.includes('.')) {
+          const [moduleName, methodName] = taint.detail.split('.');
+          // Check sink methods for destructured calls
+          const sinkMethods = MODULE_SINK_METHODS[moduleName];
+          if (sinkMethods && sinkMethods[methodName]) {
+            sinks.push({
+              type: sinkMethods[methodName],
+              name: `${moduleName}.${methodName}`,
+              line: node.loc?.start?.line,
+              taint_tracked: true
+            });
+          }
+          // Check source methods for destructured calls (skip command_output — handled by VariableDeclarator capture)
+          const sourceMethods = MODULE_SOURCE_METHODS[moduleName];
+          if (sourceMethods && sourceMethods[methodName] && sourceMethods[methodName] !== 'command_output') {
+            sources.push({
+              type: sourceMethods[methodName],
+              name: `${moduleName}.${methodName}`,
+              line: node.loc?.start?.line,
+              taint_tracked: true
+            });
+          }
+        }
+      }
+
+      // Exec callback: exec('cmd', (err, stdout) => {...}) — output will be used
+      if (!execResultNodes.has(node) && node.arguments.length >= 2) {
+        const lastArg = node.arguments[node.arguments.length - 1];
+        if (lastArg.type === 'FunctionExpression' || lastArg.type === 'ArrowFunctionExpression') {
+          let isExecCb = false;
+          if (node.callee?.type === 'Identifier' && EXEC_METHODS.has(node.callee.name)) {
+            const taint = taintMap.get(node.callee.name);
+            isExecCb = !!(taint && taint.source === 'child_process');
+          } else if (node.callee?.type === 'MemberExpression' &&
+                     node.callee.object?.type === 'Identifier' &&
+                     node.callee.property?.type === 'Identifier' &&
+                     EXEC_METHODS.has(node.callee.property.name)) {
+            const taint = taintMap.get(node.callee.object.name);
+            isExecCb = !!(taint && taint.source === 'child_process');
+          }
+          if (isExecCb) {
+            sources.push({
+              type: 'command_output',
+              name: 'child_process.exec',
+              line: node.loc?.start?.line,
+              taint_tracked: true
+            });
+          }
+        }
+      }
+
       // Track eval calls for staged payload detection
       if (callName === 'eval') {
         sinks.push({
@@ -174,6 +398,31 @@ function analyzeFile(content, filePath, basePath) {
     },
 
     MemberExpression(node) {
+      // Taint resolution: aliased process.env (e.g., const env = process.env; env.NPM_TOKEN)
+      if (node.object?.type === 'Identifier' && node.property) {
+        const taint = taintMap.get(node.object.name);
+        if (taint && taint.source === 'process.env') {
+          if (node.computed) {
+            sources.push({
+              type: 'env_read',
+              name: 'process.env[dynamic]',
+              line: node.loc?.start?.line,
+              taint_tracked: true
+            });
+          } else {
+            const envVar = node.property?.name || '';
+            if (isSensitiveEnv(envVar)) {
+              sources.push({
+                type: 'env_read',
+                name: envVar,
+                line: node.loc?.start?.line,
+                taint_tracked: true
+              });
+            }
+          }
+        }
+      }
+
       if (
         node.object?.object?.name === 'process' &&
         node.object?.property?.name === 'env'
@@ -210,6 +459,9 @@ function analyzeFile(content, filePath, basePath) {
     }
   });
 
+  // Check if any source or sink was resolved via taint tracking
+  const hasTaintTracked = sources.some(s => s.taint_tracked) || sinks.some(s => s.taint_tracked);
+
   // Detect staged payload: network fetch + eval in same file (no credential source needed)
   const hasNetworkSink = sinks.some(s => s.type === 'network_send' || s.type === 'exec_network');
   const hasEvalSink = sinks.some(s => s.type === 'eval_exec');
@@ -218,12 +470,15 @@ function analyzeFile(content, filePath, basePath) {
       type: 'staged_payload',
       severity: 'CRITICAL',
       message: 'Network fetch + eval() in same file (staged payload execution).',
-      file: path.relative(basePath, filePath)
+      file: path.relative(basePath, filePath),
+      ...(hasTaintTracked && { taint_tracked: true })
     });
   }
 
   // Separate exfiltration sinks from file tampering sinks
-  const exfilSinks = sinks.filter(s => s.type !== 'file_tamper');
+  // When command output is captured, exclude exec_sink (the exec itself is the source, not an exfil sink)
+  const hasCommandOutput = sources.some(s => s.type === 'command_output');
+  const exfilSinks = sinks.filter(s => s.type !== 'file_tamper' && !(hasCommandOutput && s.type === 'exec_sink'));
   const fileTamperSinks = sinks.filter(s => s.type === 'file_tamper');
 
   if (sources.length > 0 && exfilSinks.length > 0) {
@@ -243,11 +498,13 @@ function analyzeFile(content, filePath, basePath) {
     const allTelemetryOnly = sources.every(s => s.type === 'telemetry_read');
     if (allTelemetryOnly && severity === 'CRITICAL') severity = 'HIGH';
 
+    const sourceDesc = hasCommandOutput ? 'command output' : 'credentials read';
     threats.push({
       type: 'suspicious_dataflow',
       severity: severity,
-      message: `Suspicious flow: credentials read (${sources.map(s => s.name).join(', ')}) + network send (${exfilSinks.map(s => s.name).join(', ')})`,
-      file: path.relative(basePath, filePath)
+      message: `Suspicious flow: ${sourceDesc} (${sources.map(s => s.name).join(', ')}) + network send (${exfilSinks.map(s => s.name).join(', ')})`,
+      file: path.relative(basePath, filePath),
+      ...(hasTaintTracked && { taint_tracked: true })
     });
   }
 
@@ -257,7 +514,8 @@ function analyzeFile(content, filePath, basePath) {
       type: 'credential_tampering',
       severity: 'CRITICAL',
       message: `Cache poisoning: sensitive data access (${sources.map(s => s.name).join(', ')}) + write to sensitive path (${fileTamperSinks.map(s => s.name).join(', ')})`,
-      file: path.relative(basePath, filePath)
+      file: path.relative(basePath, filePath),
+      ...(hasTaintTracked && { taint_tracked: true })
     });
   }
 

package/src/scoring.js

@@ -149,7 +149,10 @@ const BENIGN_PACKAGE_WHITELIST = new Set([
   'blessed',              // module._compile for terminal capabilities (module_compile FP)
   'sharp',                // native bindings with dynamic require + postinstall (lifecycle FP)
   'forever',              // process manager: detached spawn + HOME config access (dataflow FP)
-  'start-server-and-test' // curl/wget in test scripts, not install hooks (lifecycle FP)
+  'start-server-and-test', // curl/wget in test scripts, not install hooks (lifecycle FP)
+  'ultra-runner',         // aliased fs.readFileSync in pnp.js + dynamic require (taint-tracked dataflow FP)
+  'node-gyp',             // aliased child_process.spawn in node-gyp.js + env access (taint-tracked dataflow FP)
+  'graceful-fs'           // aliased fs.readFile/readdir/writeFile monkey-patching (taint-tracked credential_tampering FP)
 ]);
 
 // Threat types never affected by benign package whitelist (real compromise indicators)