The package communicates with a domain associated with malicious activity.
-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified 'nstmrt-stf-api-poc' @ 1.0.13 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"sha256": "29e69957371cd4fe181aa65e4f774a3c807e8ff11ebda5f2226dd881f89961ae",
"source": "ossf-package-analysis",
"import_time": "2025-06-25T17:06:10.743680121Z",
"modified_time": "2025-06-25T16:53:34Z",
"versions": [
"1.0.13"
]
}
]
}