-= Per source details. Do not edit below this line.=-
The package coral-dev-proxy was found to contain malicious code.
The OpenSSF Package Analysis project identified 'coral-dev-proxy' @ 99.9.2 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"sha256": "43201e77d986713200b2c3f3de10a94b94d87a3d86183e8c6a203533fc32346f",
"versions": [
"99.9.2"
],
"source": "ossf-package-analysis",
"modified_time": "2026-05-08T14:36:47Z",
"import_time": "2026-05-08T14:40:48.450380192Z"
},
{
"sha256": "72404a2fb27337386b313984f096fd93c14ba8fad384d1881772c6b3b725c5c4",
"versions": [
"99.9.3"
],
"source": "ossf-package-analysis",
"modified_time": "2026-05-08T14:41:51Z",
"import_time": "2026-05-08T15:37:22.084180016Z"
},
{
"sha256": "938459f8d0b02585c73f8dedee34a7e499784f290f4c9cabf61706eeda5bbfe1",
"versions": [
"99.9.2",
"99.9.3"
],
"source": "amazon-inspector",
"modified_time": "2026-05-12T06:53:21Z",
"import_time": "2026-05-12T07:28:54.82153376Z"
}
]
}