SANDWORM_MODE Checkmarx MPIAPI Query

query_file.bash

curl -L --compressed 'https://api.scs.checkmarx.com/v2/packages' \
      -H 'Content-type: application/json' \
      -H "Authorization: ${CHECKMARX_MPIAPI_KEY}" \
      --data "$(cat sandworm_packages.json)"
 

sandworm_packages.json

[
  {
    "type": "npm",
    "name": "claud-code",
    "version": "0.2.1"
  },
  {
    "type": "npm",
    "name": "cloude-code",
    "version": "0.2.1"
  },
  {
    "type": "npm",
    "name": "cloude",
    "version": "0.3.0"
  },
  {
    "type": "npm",
    "name": "crypto-locale",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "crypto-reader-info",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "detect-cache",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "format-defaults",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "hardhta",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "locale-loader-pro",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "naniod",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "node-native-bridge",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "opencraw",
    "version": "2026.2.17"
  },
  {
    "type": "npm",
    "name": "parse-compat",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "rimarf",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "scan-store",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "secp256",
    "version": "1.0.0"
  },
  {
    "type": "npm",
    "name": "suport-color",
    "version": "1.0.1"
  },
  {
    "type": "npm",
    "name": "veim",
    "version": "2.46.2"
  }
]

This is an example curl command to use the JSON data file with the Checkmarx MPIAPI, which requires a token. However, feel free to use the JSON data in other ways, including as indicators of vulnerability in your environment.