-= Per source details. Do not edit below this line.=-
When ai-support-agent start is invoked, the CLI subscribes to a remote AppSync/WebSocket channel at api.ai-support-agent.com and dispatches server-delivered messages into local execution sinks. execute_command messages are passed to spawn(shellCmd, ['-c', command]) in shell-executor.js; terminal-ws stdin frames are base64-decoded and written into a node-pty session (terminal-websocket.js handleStdin: Buffer.from(msg.data,'base64').toString('utf-8'); session.write(decoded)); additional handlers cover fileread/write/delete, processkill, sshexec, serversetup_exec, reboot, and update. Whoever controls the vendor server — or anyone who obtains a valid agent token — has full shell-level control of the host running the agent. Related components include dist/vscode/vscode-server.js and dist/browser/browser-local-server.js (local HTTP endpoints and ping-based reachability probes) and dist/cli/service/{darwin,linux}-service.js (installs the agent as a persistent system service that modifies PATH), which extend and persist that control surface.
{
"malicious-packages-origins": [
{
"versions": [
"0.3.2-beta.1"
],
"sha256": "9e75ec61a75a0063b3e468c17ed905250c786c148bc8e30edfa93e20c4a19a54",
"import_time": "2026-07-16T18:54:05.261601401Z",
"modified_time": "2026-07-16T18:48:58Z",
"id": "IN-MAL-2026-010795",
"source": "amazon-inspector"
}
]
}[
{
"cweId": "CWE-506",
"name": "Embedded Malicious Code",
"description": "The product contains code that appears to be malicious in nature."
}
]
{
"package_integrity": [
{
"filename": "cli-0.3.2-beta.1.tgz",
"hashes": {
"sha1": "c4aac3ffac26c8977f737add3d8fa7d614d853e4",
"sha512_sri": "sha512-I97HCE1arXzew361QjFZAFnKY8eZzSqLxnbadQyw6BTh4Rdqhou/Dng6cPro85LekYhZOXK2eCN/WSgdOyN9tw=="
}
}
],
"evidence_files": [
{
"tlsh": "c652208539fb617295b7e29b1f6ba402a73b82073180ce94fb9d97104f0c94487d6ef8",
"sha256": "cacf3ceca145410d0c3c7ec95e0d50a4f2afd317a0b36348e5e262e4b4ab0be3",
"path": "dist/browser/browser-local-server.js"
},
{
"tlsh": "5de2d8099de5d23466d2d55e2b076820fd2ac2133a54f974b6dcc788af4241c42bfbeb",
"sha256": "426cec5d7af6930e6dd7c47cbd71749d28557357561fa3677090fed8994e4a1c",
"path": "dist/cli/service/darwin-service.js"
},
{
"tlsh": "1823b72a9eb5d336a691d16c2b0b7811fa2b92176704f9307adcc348df42458437eee7",
"sha256": "37b78bd607e1626b8e0e2558a5b416f478b01d955493093ca4d1fcfae7f54d2e",
"path": "dist/cli/service/linux-service.js"
},
{
"tlsh": "7bd2d52f692c9bf0134418601714f8933d1fd5977e1aa134f0a9db648a9fc9aca35be3",
"sha256": "17ef459da6b8b0863f5284ebda04c69a96d4d66cdd17c7a4d652d82346654e6e",
"path": "dist/constants.js"
},
{
"tlsh": "6e72d80e57fb903a44f368691b0b6102731e9f87e615ea347b5cd3d1af4265c7190af4",
"sha256": "bcf8f8912001cda41ea86d3105c012c3e948f8ea0cd540d9127c6c6f0998d52e",
"path": "dist/vscode/vscode-server.js"
}
]
}
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@ai-support-agent/cli/MAL-2026-10707.json"