MAL-2026-4376

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@cometix/claude-code/MAL-2026-4376.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-4376
Withdrawn
2026-05-26T20:55:39Z
Published
2026-05-20T22:18:12Z
Modified
2026-05-27T00:31:54.467837266Z
Summary
Malicious code in @cometix/claude-code (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (d9c6fc5df21efcd2949e4c05b4a9a75dbe8142243a3967dc853be7069ecaca24)

Package is published under the @cometix scope but its package.json sets author to 'Anthropic support@anthropic.com' and ships a README copied verbatim from Anthropic's official Claude Code, including links to claude.com, anthropic.com, and github.com/anthropics/claude-code. The actual repository is github.com/CometixSpace/claude-code — unrelated to Anthropic. The genuine package is @anthropic-ai/claude-code. Installers are deceived about provenance: they believe they are installing Anthropic's product but receive third-party code. The postinstall script (install.cjs) is itself benign — it implements the standard platform-binary wrapper pattern (detects platform/arch, copies cli.js and vendor/ from a matching @cometix/claude-code-<platform>-<arch> optional dependency, no network or exec). However, the real CLI code is delivered via those platform-specific optional dependency tarballs not analyzed here, and the falsified Anthropic metadata + verbatim README copy demonstrates intent to deceive. Combined signals — namespace impersonation of a high-profile target plus forged author identity claiming to be the legitimate vendor — warrant blocking pending review of the platform-dep payloads.

Database specific
{
    "malicious-packages-origins": [
        {
            "source": "amazon-inspector",
            "sha256": "a9fdf963161702f419b92d338edd7df62cf1a64485233e5150157130d509005b",
            "modified_time": "2026-05-20T22:18:13Z",
            "import_time": "2026-05-26T05:51:00.490035611Z",
            "id": "IN-MAL-2026-003634",
            "versions": [
                "2.1.143"
            ]
        },
        {
            "source": "amazon-inspector",
            "sha256": "d9c6fc5df21efcd2949e4c05b4a9a75dbe8142243a3967dc853be7069ecaca24",
            "modified_time": "2026-05-22T02:23:53Z",
            "import_time": "2026-05-26T05:51:58.909233254Z",
            "id": "IN-MAL-2026-004123",
            "versions": [
                "2.1.147"
            ]
        },
        {
            "source": "amazon-inspector",
            "sha256": "e0d1f967b1d5f3919fed9b09594ca377fca1834967899e4c6a015eba1171cc0c",
            "modified_time": "2026-05-22T02:23:54Z",
            "import_time": "2026-05-26T05:51:59.010840471Z",
            "id": "IN-MAL-2026-004124",
            "versions": [
                "2.1.147"
            ]
        },
        {
            "source": "amazon-inspector",
            "sha256": "e7cbf2e38c92b1e008556ffd2dee98c35f284eb2807949e8a05d71ae38713ffd",
            "modified_time": "2026-05-20T22:18:12Z",
            "import_time": "2026-05-26T05:51:00.378877426Z",
            "id": "IN-MAL-2026-003633",
            "versions": [
                "2.1.143"
            ]
        }
    ]
}
References
Credits

Affected packages

npm / @cometix/claude-code

Package

Name
@cometix/claude-code
View open source insights on deps.dev
Purl
pkg:npm/%40cometix%2Fclaude-code

Affected ranges

Affected versions

2.*
2.1.143
2.1.147

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@cometix/claude-code/MAL-2026-4376.json"
cwes
[
    {
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code"
    },
    {
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code"
    }
]
indicators
{
    "package_integrity": [
        {
            "filename": "claude-code-2.1.147.tgz",
            "hashes": {
                "sha512_sri": "sha512-pq+XcMQN9+G1gndgePe5/0CiwQQuZWy5iv0OWCcwjgjuCHxABUUj78Cs5YKqsTQv04as/irlcteJC+6xEwYgGA==",
                "sha1": "b1231fc00fc9d6298d1e333732c625bf077d5d22"
            }
        }
    ],
    "domains": [
        "34.8.16.104.in-addr.arpa"
    ],
    "evidence_files": [
        {
            "path": "package.json",
            "sha256": "28031f6a27561eef849bb721004210d9411594d7eba43b7aa21d045ca12e901c",
            "tlsh": "06314a60c750aa235bc168e0b957110e5bd926c3cd887c8cbf92c78dae0e2df153a4bd"
        },
        {
            "path": "install.cjs",
            "sha256": "01ba1663becb1ef24c05bee80bbb074aaacec45898079d5401ffc30845c41a7e",
            "tlsh": "ad5136c552fae61106661af7798b045e786894a26317fc6cfb8ccbdc6fca4508053f9c"
        }
    ]
}