@stepsec/malware-simulator v0.0.3

Malware-Simulator Package

To simulate behavior of past compromised packages, StepSecurity has created a package called @stepsec/malware-simulator. The simulator is NOT actual malware; the package just makes an outbound call to stepsec.github.io in a preinstall step

This package can be used by developers to:

1. Understand how malicious packages make outbound calls as part of the install steps
2. How the Harden-Runner GitHub Action can find this behavior (tutorial)
3. Use as a test package for your applications – to check if defenses are working as expected

You can think of the @stepsec/malware-simulator being similar to the EICAR anti-virus simulator file, which is used as a test file for anti-virus software.