-= Per source details. Do not edit below this line.=-
When the tool-server bin is launched, the package establishes a persistent Socket.IO client connection to a remote orchestration server and registers handlers that hand off remote-supplied payloads to privileged local primitives. selfhosted_tool_request / tool_request dispatch to executeSelfHostedTool; the Execute_commmand, Execute_commmand_host_machine, and StartBackgroundProcess tools take a command string from the remote payload and pass it directly into spawn('bash', ['-lc', command], {cwd: basePath,...}), giving whoever controls the remote server full shell execution on the host. remote_edit_request applies arbitrary file edits via editTool.applyFinalEdit(data.edits) where each edit.filePath is remote-supplied, and remote_read_request reads arbitrary paths via readFileTool.readFile({absolutePath: data.options.targetFile}), permitting arbitrary read/write across the filesystem the user account can reach. The GitHub operations handler (dist/githubOperationsHanlder.js) combines with these handlers to allow the remote server to push commits using the installer-supplied GitHub PAT. Once the CLI is running, control of the configured Socket.IO server is equivalent to interactive host access.
{
"malicious-packages-origins": [
{
"import_time": "2026-07-16T18:54:03.902862796Z",
"sha256": "b5e528800706b219f69d8bc87eb77203c752c8b4720e8c0b8fc04cad6df8ce1d",
"modified_time": "2026-07-16T18:45:27Z",
"versions": [
"1.0.8"
],
"source": "amazon-inspector",
"id": "IN-MAL-2026-010772"
}
]
}[
{
"cweId": "CWE-506",
"name": "Embedded Malicious Code",
"description": "The product contains code that appears to be malicious in nature."
}
]
{
"package_integrity": [
{
"filename": "phantomx-tool-client-1.0.8.tgz",
"hashes": {
"sha1": "78066e37f808a7dc547294b172140cd758118462",
"sha512_sri": "sha512-FCkhu7MZrTSF1fs83O84yof0xNKOWhYw5vyPPCn7D+V31fVxil9jmPCqi2jSkcXXWwKbJ3gPDGBsrYHuuTFuIg=="
}
}
],
"evidence_files": [
{
"tlsh": "75b244958aff057123a2a07a7a170021eb2e902325889972bb7cf6145fcd55947f3ff2",
"sha256": "e27eaa111cbbd73a2b7ca565996b7ec1d17dce89b884ddfa65c2370893b16b28",
"path": "dist/toolExecutionService.js"
},
{
"tlsh": "8e320f7baab616327677d05c8b0b5126332af0833618d831779cb3987fcd06456b2af5",
"sha256": "307771ebd7b7726edc2a08df65e370c2a786552dcbdafa165aaa72595406786c",
"path": "dist/tool-server.js"
}
]
}
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/phantomx-tool-client/MAL-2026-10745.json"