page-reduce
Warn
Audited by Socket on Jul 7, 2026
1 alert found:
AnomalyAnomalyscripts/page-reduce-bundle.js
LOWAnomalyLOW
scripts/page-reduce-bundle.js
No clear indicators of classic malware (no eval/dynamic execution, no network activity/exfiltration, no credential theft). However, the module is highly intrusive and can destructively alter the host page in reduce mode (media replacement with generated blob URLs, stripping/removing content and attributes, tokenizing/rewriting markup) and it monkey-patches console logging globally. It also exposes a global content extraction primitive (window.__reduceForSkill) that returns tokenized representations and metadata, which can be privacy/security sensitive depending on who consumes it. Overall, treat as a high-integrity/availability and data-extraction risk rather than confirmed malware.
Confidence: 63%Severity: 66%
Audit Metadata