jadoonf/npm-analysis-feedGarnet: TanStack MatrixRun 25697800810jadoonfMay 11, 9:17 PM

Execution lineage14 destinations

systemd

hosted-compute-agent

Runner.Listener

Runner.Worker

bash

node

node

dash

bun.exe

$bun run tanstack_runner.js

169.254.169.254IMDS

api.github.comGitHub

git-tanstack.com

dash

sudo

python3.10Code injection via /proc memory

$python3

node

$/opt/hostedtoolcache/node/20.20.2/x64/bin/node /opt/hostedtoolcache/node/20.20.2/x64/lib/node_modules/npm/bin/npm-cli.js install --force --cache=/home/runner/.npm --prefer-offline=false --prefer-online=false --offline=false --no-progress --no-save --no-audit --include=dev --include=peer --include=optional --no-package-lock-only --no-dry-run

registry.npmjs.orgnpm

node /opt/hostedtoolcache/node/20.20.2/x64/bin/npm install @tanstack/react-router@1.169.8 --no-save --no-package-lock --loglevel verbose

codeload.github.comGitHub

registry.npmjs.orgnpm

node

$/home/runner/actions-runner/cached/2.334.0/externals/node20/bin/node /home/runner/work/_actions/actions/upload-artifact/v4/dist/upload/index.js

blob.bn9prdstrz04a.store.core.windows.netAzure

blob.bn9prdstrz04a.trafficmanager.net

glb-db52c2cf8be544.github.comGitHub

productionresultssa17.blob.core.windows

results-receiver.actions.githubusercontent

sudo

provjobd727474835

$/tmp/provjobd727474835

glb-2a3c35-public-internal.githubapp.com

hosted-compute-watchdog-prod-iad-01.githubapp

hosted-compute-agent

$/opt/hca/hosted-compute-agent

140.82.114.23

140.82.114.24

Checks (3)

12 domains·15 connectionsd4ea87a