tripleight/fake_job_demo-md-dex

⚠️ malicious code - do not run on your machine ⚠️

TypeScript

No license

This repository contains malicious code disguised as a decentralized exchange (DEX) project, combining AI prompt-injection with an EJS Server-Side Template Injection vulnerability (CVE-2022-29078) to create a high-severity remote code execution exploit. It was originally based on the `mike-dancey/dex` repository but has been modified to target AI assistants like Cursor through manipulated `.cursorignore` files, allowing attackers to compromise developers' machines when they run the project as a "take-home interview task." The project should never be executed or installed under any circumstances.

Total donated

Undistributed

Share with your subscribers:

Recipients

How the donated funds are distributed

Support the dependencies of tripleight/fake_job_demo-md-dex

open-cli-tools/concurrently

Run commands concurrently

Support the dependencies

Support the repos that depend on this repository

Top contributors

TriplEight

5 contributions

Recent events

Kivach works on the Obyte network, and therefore you can track all donations.

No events yet