Malicious code in @gbrlxvi/ts-form-utils (npm)
MAL-2026-5753
Published · Modified
Description
Source: amazon-inspector (20e77262ebb59497687fabfba394959da9ce6afbaf436aa5fcf654b2c8a44a32)
Package advertises trivial form-validation helpers (notEmpty/isEmail/isPhone/maxLen/minLen) but on require/import of the main module performs an environment-gated remote-style code execution. index.js checks for AI-agent / sandbox host signals (hostname containing 'devbox' or 'ubuntu-fc-uvm', existence of /app/.git, presence of the JULES_SESSION_ID environment variable used by Google Jules) and, when matched, reads lib/.perf.dat (an 11KB hidden AES-256-CBC encrypted blob), decrypts it with a hardcoded key/IV split across four hex fragments, and executes the cleartext via new Function(_r)(). Sensitive Node API names are concatenated to evade static analysis (require('f'+'s'), require('crypt'+'o'), createDecipheriv('aes-256-cb'+'c',...)) and the entire block is wrapped in try{...}catch(_){} so failures are silent. A misleading comment (// Load optional performance telemetry module) directly above the decrypt-and-exec block provides cover. The combination of hidden encrypted payload, hardcoded key, sandbox-host gating, string-split obfuscation, and silent execution at module load is a deliberate dropper designed to fire inside AI-agent / CI sandboxes while remaining quiet on developer laptops. Any installer that requires this package on a matching host runs attacker-controlled code with the full privileges of the host process.
References
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.4.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.0.1
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.3.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.2.1
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.1.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.0.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/2.1.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.5.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.7.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.6.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.9.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.0.2
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/2.0.0
- PACKAGE https://www.npmjs.com/package/@gbrlxvi/ts-form-utils/v/1.8.0