THREAT INTELLIGENCE
AI Package Threat Patterns
Analysis of 56,960 scans reveals specific malicious patterns in AI agent packages
61% use dangerous execution methods
7,657 packages represent the highest threat volume we're tracking
eval() calls
3,369
exec() usage
2,986
Shell commands
1,301
Malicious Pattern Analysis
Credential Theft
26%
3,288 packages attempt to access credentials
SSH Keys1,234
AWS Credentials987
Browser Data1,141
Code Obfuscation
51%
6,368 packages use code obfuscation
Base64 Encoding2,981
Hex Strings1,876
Minified Payloads547
Data Exfiltration
36%
4,538 packages contain data exfiltration
HTTP Requests2,103
DNS Tunneling987
Webhook Calls539
Dynamic Execution
61%
7,657 packages use dangerous execution methods
eval() calls3,421
exec() usage2,987
Shell commands1,302
AI Attacks
10%
1,239 packages contain AI-specific attacks
Prompt Injections1,987
Jailbreak Attempts892
Tool Abuse665
Rising Threats
27.7%
Overall threat detection rate across all scans
This Week+12.3%
New Patterns47
Zero-Days8
Get Threat Intelligence Updates
Join 2,500+ security teams getting weekly threat intelligence reports
Share This Intelligence
Key stats to share:
• Packages Scanned: 56,960
• Threats Found: 15,756
• Install Hooks: 7,635
• Credential Theft: 3,288
Protect Your AI Agents Now
Don't let malicious packages compromise your AI systems. Start scanning with Sigil's free CLI today.