MSS-SK-2026-0015
WASM plugins self-grant capabilities via package.json
Summary
src/wasm/loader/plugin-registry.ts:186-198 reads packageJson.wasmCapabilities and grants the listed capabilities without admin consent. dataRead and dataWrite default to true. The PoC verified that 11/11 dangerous capabilities were self-granted.
Impact
A malicious WASM plugin claims rawSockets/serialPorts/putHandlers and gets them at install time.
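The self-grant pattern described above next to a deny-by-default alternative, as an added example (not the project's code and not the advisory's PoC). The type and function names and the sample manifest are hypothetical; only the capability names and the wasmCapabilities key come from this page.

```typescript
// Added example: all identifiers here are hypothetical, not Signal K's API.
type Capabilities = Record<string, boolean>;

interface PluginManifest {
  name: string;
  wasmCapabilities?: Capabilities; // written by the plugin author, so untrusted
}

// Pattern the advisory describes: the manifest's own claims become the grant,
// and dataRead/dataWrite default to true.
function selfGrant(manifest: PluginManifest): Capabilities {
  return { dataRead: true, dataWrite: true, ...(manifest.wasmCapabilities ?? {}) };
}

// Hardened form: the manifest only requests. The effective grant is the
// intersection with what an administrator approved for this plugin, and
// anything not approved is reported for review instead of being granted.
function resolveGrant(
  manifest: PluginManifest,
  adminApproved: ReadonlySet<string>
): { granted: Capabilities; pending: string[] } {
  const requested = manifest.wasmCapabilities ?? {};
  const granted: Capabilities = {};
  const pending: string[] = [];
  for (const cap of Object.keys(requested)) {
    if (requested[cap] !== true) continue; // only an explicit true is a request
    if (adminApproved.has(cap)) granted[cap] = true;
    else pending.push(cap);
  }
  return { granted, pending: pending.sort() };
}

// Constructed sample manifest for the demonstration.
const sample: PluginManifest = {
  name: "example-plugin",
  wasmCapabilities: { rawSockets: true, serialPorts: true, putHandlers: true, dataRead: true },
};

console.log("self-grant:", selfGrant(sample));
console.log("admin-gated:", resolveGrant(sample, new Set(["dataRead"])));
```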
Evidence — code citations
Proof of concept
research/audits/signalk/exploits/0015-wasm-self-grant.js/
- 0015-wasm-self-grant.js — single-file