// Code execution / obfuscation

Long base64 literal (likely encoded payload)

pattern: long-base64-literal

Packages that contain a base64 string longer than 200 characters as a string literal. Almost always an encoded second-stage payload that gets decoded and executed at runtime.

2 packages flagged with this pattern. Newest first.

AUTO-PUBLISHED/npm/2025-04-21/MAL-2026-4093
@antv/vendor@1.0.11
by bqxbqxbqx
Vendored dependencies to fix ERR_REQUIRE_ESM.
→ sends tohttps://github.com/d3/d3-dispatch/blob/main/LICENSE
child-process-spawnlong-base64-literallong-hex-literal
→ No suspicious destination, no remote-exec shape — 1 known-vendor host(s).
weekly
—
/wk
llm verdict
benign
AUTO-PUBLISHED/npm/2024-08-06/MAL-2026-4002
@antv/gi-assets-galaxybase@1.2.15
by iaaron
Galaxybase 团队的图分析资产包
→ sends tohttps://github.com/facebook/regenerator/blob/main/LICENSE
long-base64-literal
→ No suspicious destination, no remote-exec shape — 1 known-vendor host(s), 1 other host(s).
weekly
55
/wk
llm verdict
benign 0.85
h-score

0.85

h-score

75

patterns

3

size

1.2 MB

versions

13

75

patterns

1

size

1.3 MB

versions

22

Long base64 literal (likely encoded payload)

@antv/vendor@1.0.11

@antv/gi-assets-galaxybase@1.2.15