-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified '@vf-org/smapi-js-core' @ 8.2.10 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{ "malicious-packages-origins": [ { "import_time": "2025-01-06T15:05:37.941040121Z", "source": "ossf-package-analysis", "modified_time": "2025-01-06T14:50:50Z", "versions": [ "8.2.0" ], "sha256": "4d12d4e4388bdfd37673aa9e4527d481312b56703325b9cc938f22cac268f25e" }, { "import_time": "2025-01-08T16:06:28.521128934Z", "source": "ossf-package-analysis", "modified_time": "2025-01-08T16:06:15Z", "versions": [ "8.2.8" ], "sha256": "c65a9bdbdc937bde66ed0fc1af5eacb32463d2b5b5ff062fb3c27be47ba9fe03" }, { "import_time": "2025-01-08T17:34:55.668590305Z", "source": "ossf-package-analysis", "modified_time": "2025-01-08T17:10:46Z", "versions": [ "8.2.9" ], "sha256": "a44e7fb0287f1237c5151a7ad602c96a4a732a7278f5177c6e8421243bfa726a" }, { "import_time": "2025-01-08T17:34:55.8391035Z", "source": "ossf-package-analysis", "modified_time": "2025-01-08T17:15:47Z", "versions": [ "8.2.10" ], "sha256": "bb778953ccadf1ddd3d3249677a4b7c27133ddd85d451ebe6cf0e04611264b86" }, { "import_time": "2025-01-08T22:05:22.087692782Z", "source": "ossf-package-analysis", "modified_time": "2025-01-08T22:00:44Z", "versions": [ "8.2.13" ], "sha256": "f92ac367260d9d488415ebd75540c852fe7fdae91818afa533b1340f7ac473cf" }, { "import_time": "2025-01-08T22:35:42.201873457Z", "source": "ossf-package-analysis", "modified_time": "2025-01-08T22:26:02Z", "versions": [ "8.2.18" ], "sha256": "688b6adf5117395c9f5d438ab7efdfe6fc8a35786f16b70d41ddd8452298d70d" }, { "import_time": "2025-01-08T22:35:41.937936967Z", "source": "ossf-package-analysis", "modified_time": "2025-01-08T22:05:49Z", "versions": [ "8.2.15" ], "sha256": "7eab984c371377d5191c91107044ee8c6d3573e3e736888627b48b4e9e0bc90a" }, { "import_time": "2025-01-08T22:35:42.11336383Z", "source": "ossf-package-analysis", "modified_time": "2025-01-08T22:23:28Z", "versions": [ "8.2.17" ], "sha256": "e08adcf62823628b349e8dd36a3e771d9bc804d5829d37a2a90d4fc97bdd8086" }, { "import_time": "2025-01-08T22:35:42.02666966Z", "source": "ossf-package-analysis", "modified_time": "2025-01-08T22:22:45Z", "versions": [ "8.2.16" ], "sha256": "e4fdda522c1ce47b32dc8df171d8ec813f07f999827664852ebd81a2add8888a" }, { "import_time": "2025-01-08T23:05:22.49968974Z", "source": "ossf-package-analysis", "modified_time": "2025-01-08T22:48:32Z", "versions": [ "8.2.19" ], "sha256": "3c13b97f402fc103044043dbabae1771d17095c19f85e89fa6844e83bba088dd" } ] }