jianying-editor
Audited by Socket on Jun 13, 2026
4 alerts found:
Anomalyx2Obfuscated Filex2本片段未提供可审计的业务实现代码,因而不能直接证明存在窃取、后门或恶意负载。但文档中包含一个高度敏感的供应链执行入口(PowerShell `irm ... | iex` 远端即时执行),并且还涉及 `pip` 依赖安装与 Playwright/Chromium 下载、网页渲染录制、桌面自动化导出等扩展攻击面。建议对远端安装脚本与仓库实际运行的安装/启动脚本进行完整校验与独立审计后再使用。
The code is primarily a local bootstrap for discovering and importing JyProject, but it introduces a significant supply-chain-like/local attack surface: it prepends a dynamically chosen scripts directory to sys.path based partly on an environment variable and filesystem presence, then imports jy_wrapper from that location without integrity checks. If an attacker can influence JY_SKILL_ROOT or plant/replace jy_wrapper.py in any searched directory, this can lead to import-time arbitrary code execution. Aside from this, the macOS PATH adjustment is likely benign, and there are no direct indicators of overt malware in the shown fragment.
The supplied file is an opaque binary-like blob, not readable JavaScript source. Static analysis of malicious behavior is inconclusive from this fragment alone. This artifact is suspicious because opaque high-entropy blobs in source packages are an established vector for hiding malicious payloads that are later decoded and executed by other package code. Action: treat it as suspicious until you (1) locate and audit any code that references/decodes/executes this blob, (2) inspect package.json/install scripts, and (3) if necessary extract and analyze the blob in an isolated sandbox. If no code references or executes it and it is a legitimate asset, risk is low; otherwise, risk can be high.
No explicit in-file malware found (no shell, no obfuscated payloads, no hardcoded credentials). However, the module poses moderate security risk primarily via supply-chain and data-exfiltration vectors: it prepends relative 'libs' directories to sys.path (allows malicious local api_client), uploads arbitrary local video files to a remote AI service without validation or consent, and writes streamed AI output to disk without sanitization. The file is also syntactically broken/incomplete, suggesting tampering or a corrupted copy. Recommend: do not run this file as-is; verify provenance of AntigravityClient, remove or harden sys.path manipulation, validate and constrain files before upload (size/type), import re, fix missing prompt and main routine, and add strict error handling and logging before use.