BinShieldLive

Package detail

onnxruntime-node@1.24.3

Treat this as an investigation surface: start with package posture, then inspect binary evidence, finding clusters, and version drift before approving rollout.

Back to browserJump to evidence

npm

onnxruntime-node@1.24.3

CRITICAL (85)

onnxruntime-node@1.24.3 exposes network, filesystem, process, crypto, obfuscation, dataExfiltration with overall critical risk.

Overall riskCRITICAL (85)

Package-level aggregate score

Source matchLOW

Confidence in decompiled/source alignment

Binary inventory14

162593 KB total analyzed size

Behavior familiesnone detected

Observed across all binaries

Risk score85

critical severity posture

Binary count14

Native artifacts recovered

ConfidenceLOW

Source/decompile alignment

Total size162593 KB

Combined binary payload

Analyst takeaways

3 evidence summaries
No escalated findings

The current evidence set is dominated by expected native behavior.

0/14 binaries carry findings

Not every native artifact in a package deserves equal attention. Focus review where findings cluster.

binshield-worker analysis with low confidence

Use the model summary as triage guidance, then validate against imports, strings, and recovered functions.

Version history

1 analyzed versions
0214364851.24.3
1.24.3critical (85)Current investigation target
  • Confidence: low
  • Analysis model: binshield-worker
  • Data mode: Connected to API

Version drift

5.1.6 to 5.1.7

This version introduces additional behavior that deserves security review.

Version 5.1.7 adds stricter extension loading checks and a slightly larger native payload.

Risk increased by 4 pointsUse this as triage guidance, then validate against binary evidence below.
Added: Additional filesystem path validation before extension loading.Added: Guarded extension loading before execution.
  1. Validate whether any newly added filesystem or process behavior is expected.
  2. Compare binary inventory to ensure no unexpected native artifact was introduced.
  3. Review high-signal strings and imports before approving rollout.

Finding clusters

0 findings

No escalated findings were emitted for this package version.

Binary evidence

14 native artifacts

Related packages

Similar signal surface

No related packages surfaced from the current dataset.

How this score was computed

Methodology transparency
none0-0
low1-29
medium30-59
high60-79
critical80-100
85
NONE0-0

No behaviors or findings detected.

LOW1-29

Expected behaviors only. Safe for most environments.

MEDIUM30-59

Some review-worthy behaviors. Inspect before deploying in hardened environments.

HIGH60-79

Multiple risk signals. Manual review required before production use.

CRITICAL80-100

Severe risk indicators. Block until validated by a security engineer.

Scoring factors

Findings2-45 pts per finding

Severity-weighted: info=2, low=8, medium=18, high=30, critical=45

Behaviors3-28 pts per detected

network=14, filesystem=4, process=12, crypto=3, obfuscation=24, exfiltration=28

Import countUp to 6 pts

importCount / 4, capped at 6. More imports = larger attack surface.

Function countUp to 5 pts

functionCount / 20, capped at 5. Complexity indicator.

Package-level score = 65% highest binary score + 35% average binary score. Scores are deterministic and reproducible.