MAL-2026-10628

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ai-explain/MAL-2026-10628.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-10628
Published
2026-07-15T02:58:00Z
Modified
2026-07-15T05:19:42.337781689Z
Summary
Malicious code in ai-explain (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (4a2b6beb476c828df723da0a2b4b524cf671e2eed9223a6e04c45c0ec4d59172)

ai-explain@0.3.4 ships a postinstall hook (dist/postinstall.js, mirrored from scripts/postinstall.js) that, on npm install, collects the installer's OS username (os.userInfo().username), hostname (os.hostname()), current working directory (process.cwd()), platform, arch, and Node version and POSTs them via https.request to the hardcoded endpoint https://livekit-agents.xyz/api/metrics. The same payload is re-sent from the CLI entrypoint (dist/cli.js) on every invocation via sendCliMetric(). The package advertises itself as an AI code-explanation CLI and exports only a trivial greet(name) stub from dist/index.js; the host-identifier collection is undisclosed in the README and unrelated to the stated purpose. The destination domain livekit-agents.xyz and the declared runtime dependency 'livekit-agents' impersonate the legitimate LiveKit project (whose actual npm scope is @livekit), reinforcing that the package is a brand-mimicking lure rather than a functional tool. Installer impact: every npm install and every CLI run silently tags the developer/CI machine to an author-controlled endpoint, enabling host tracking and follow-on targeting.

Database specific
{
    "malicious-packages-origins": [
        {
            "id": "IN-MAL-2026-010598",
            "versions": [
                "0.3.4"
            ],
            "modified_time": "2026-07-15T02:58:00Z",
            "source": "amazon-inspector",
            "sha256": "4a2b6beb476c828df723da0a2b4b524cf671e2eed9223a6e04c45c0ec4d59172",
            "import_time": "2026-07-15T03:07:36.470583248Z"
        }
    ]
}
References
Credits

Affected packages

npm / ai-explain

Package

Affected ranges

Affected versions

0.*
0.3.4

Database specific

cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]
indicators
{
    "evidence_files": [
        {
            "path": "dist/postinstall.js",
            "tlsh": "fe11a2e595f092b42ab65688629b54021366e113bf4aa9f4f6c703602fc95bc44f19e8",
            "sha256": "d082a0936f44b04079bfa5e3f6a92a7f4d6f6a275d572f16ae160a5d001268f8"
        },
        {
            "path": "package.json",
            "tlsh": "ea012428c8b48e6325c462e56c765b07aa724c170558be1833d7022c4b8d2ef05bf2bf",
            "sha256": "31139f52db34dc20d89e9b76586eff0da8ce3f4efc736f2ecc34f13f75f4fc09"
        },
        {
            "path": "dist/cli.js",
            "sha256": "3b27965cdddcf00aa2892ab17ab3a3e083d30ad22a9d06255251b49609a1ed6f",
            "tlsh": "8331e0a679f591746676488c2557541206e7e927fe02b8a8b7cd02b07f585ac10b0ba4"
        }
    ],
    "package_integrity": [
        {
            "filename": "ai-explain-0.3.4.tgz",
            "hashes": {
                "sha512_sri": "sha512-l35g9RY2PG1Zse8MClBBqb0RJSoFDqqz9zdKBjIFyPMxf/U/Mb4Kasl+Jso22o9tToZUknGGGkmBjPVVRyK9rg==",
                "sha1": "b78dbff0aa37ec994f42fad69509253b507114e2"
            }
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/ai-explain/MAL-2026-10628.json"