-= Per source details. Do not edit below this line.=-
The package elf-stats-ginger-wreath-646 was found to contain malicious code.
The OpenSSF Package Analysis project identified 'elf-stats-ginger-wreath-646' @ 1.0.0 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"sha256": "111a6042acaae772dca533487457a6de42e73f9462255ae37229e7e573d8556a",
"source": "ossf-package-analysis",
"import_time": "2025-12-04T14:07:15.48003068Z",
"modified_time": "2025-12-04T13:55:53Z",
"versions": [
"1.0.0"
]
},
{
"sha256": "0736ed9611847ba4c5416cd0bd8ba33bae114769eec8947e7d58c85c3ce100c1",
"source": "amazon-inspector",
"import_time": "2025-12-05T20:39:35.19817156Z",
"modified_time": "2025-12-05T20:38:15Z",
"versions": [
"1.0.0"
]
}
]
}