2026-07-17
We ran an automated behavioral scan over the most-installed npm packages, the kind of check you would drop into CI. About seven in eight came back with nothing flagged. The interesting part is the ones that did get flagged, because almost none of them are actually dangerous. They are ordinary, trusted libraries that happen to do something that also shows up in malware.
A handful of patterns account for most of the noise:
Function constructor. A template engine compiling a template and a piece of malware
unpacking a payload use the exact same primitive. A scanner that flags every Function() or
eval() flags all of them.The signal is not the primitive, it is the context. Function() on a template
string is a compiler. Function() on a value that was just base64-decoded or fetched from the
network is a payload. A setInterval next to a fetch and an eval,
all in one small loop, is a self-updating beacon; the same three things scattered across a bundled CLI
are a coincidence. Reading process.env is normal; reading ~/.ssh/id_rsa and
posting it to a raw IP is not.
Getting this right is most of the work. A scanner that cries wolf trains you to ignore it, which is worse than no scanner. So we tune hard for precision: exact known-bad matching, behavioral rules that require corroborating context, minified bundles handled as the noise they are, and every verdict bound to a content hash so you can confirm what you installed is what got scanned.
Scan any package free from the browser, or add the
CI action to your repo. A
clear result means no known-bad match and no rule fired: a signal, not a warranty, and the
full evidence for anything flagged is in the report.
Lazaretto is the pre-install checkpoint agents call themselves. Try it · pricing.