Security: Claude Code committed obfuscated eval() backdoor in tailwind.config.ts
Resolved 💬 2 comments Opened Apr 9, 2026 by Kenseco Closed May 23, 2026
Summary
During a Claude Code session on March 22, 2026, a malicious eval() payload was committed to tailwind.config.ts as part of a multi-file commit co-authored by Claude Opus 4.6. The payload was hidden after ~300 spaces at the end of a line, making it invisible in normal code review.
Details
- Commit:
9b3790d("Fix race condition, memory leak, null safety, and input validation") - File:
packages/web/tailwind.config.ts - Change: The only modification to this file was replacing
};with};+ ~300 spaces +eval("global['_V']='5-209';"+atob('...')) - Payload signature:
_V='5-209'— a known malware family targeting Node.js developers
What the payload does
The base64-decoded payload:
- Fetches encrypted commands from Tron blockchain API (
api.trongrid.io) - Falls back to Aptos blockchain API (
fullnode.mainnet.aptoslabs.com) - Decodes the command via BSC RPC (
bsc-dataseed.binance.org) - Executes the decoded code via
eval()and spawns hidden child processes (detached: true, stdio: "ignore", windowsHide: true)
Possible causes
- A compromised npm package modified the file on disk via a postinstall script, and Claude Code then staged and committed it without detecting the obfuscated payload
- Poisoned training data caused Claude Code to generate the payload directly
- Prompt injection in the conversation context at the time
No package.json or package-lock.json changes were in the same commit, but there was an npm install a few commits earlier.
Suggestion
Claude Code should detect and refuse to commit:
eval()calls withatob()or base64-encoded strings- Lines with excessive trailing whitespace hiding code off-screen
- Known malware signatures like blockchain-based C2 patterns
Environment
- Model: Claude Opus 4.6 (1M context)
- Platform: macOS (Darwin)
- Date: March 22, 2026
- Project: Private monorepo (Nuxt 3 + Node.js API)
The payload has been removed. Reporting for awareness and to help improve Claude Code safety checks.
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗