-= Per source details. Do not edit below this line.=-
Package is published under the @cometix scope but its package.json sets author to 'Anthropic support@anthropic.com' and ships a README copied verbatim from Anthropic's official Claude Code, including links to claude.com, anthropic.com, and github.com/anthropics/claude-code. The actual repository is github.com/CometixSpace/claude-code — unrelated to Anthropic. The genuine package is @anthropic-ai/claude-code. Installers are deceived about provenance: they believe they are installing Anthropic's product but receive third-party code. The postinstall script (install.cjs) is itself benign — it implements the standard platform-binary wrapper pattern (detects platform/arch, copies cli.js and vendor/ from a matching @cometix/claude-code-<platform>-<arch> optional dependency, no network or exec). However, the real CLI code is delivered via those platform-specific optional dependency tarballs not analyzed here, and the falsified Anthropic metadata + verbatim README copy demonstrates intent to deceive. Combined signals — namespace impersonation of a high-profile target plus forged author identity claiming to be the legitimate vendor — warrant blocking pending review of the platform-dep payloads.
{
"malicious-packages-origins": [
{
"source": "amazon-inspector",
"sha256": "a9fdf963161702f419b92d338edd7df62cf1a64485233e5150157130d509005b",
"modified_time": "2026-05-20T22:18:13Z",
"import_time": "2026-05-26T05:51:00.490035611Z",
"id": "IN-MAL-2026-003634",
"versions": [
"2.1.143"
]
},
{
"source": "amazon-inspector",
"sha256": "d9c6fc5df21efcd2949e4c05b4a9a75dbe8142243a3967dc853be7069ecaca24",
"modified_time": "2026-05-22T02:23:53Z",
"import_time": "2026-05-26T05:51:58.909233254Z",
"id": "IN-MAL-2026-004123",
"versions": [
"2.1.147"
]
},
{
"source": "amazon-inspector",
"sha256": "e0d1f967b1d5f3919fed9b09594ca377fca1834967899e4c6a015eba1171cc0c",
"modified_time": "2026-05-22T02:23:54Z",
"import_time": "2026-05-26T05:51:59.010840471Z",
"id": "IN-MAL-2026-004124",
"versions": [
"2.1.147"
]
},
{
"source": "amazon-inspector",
"sha256": "e7cbf2e38c92b1e008556ffd2dee98c35f284eb2807949e8a05d71ae38713ffd",
"modified_time": "2026-05-20T22:18:12Z",
"import_time": "2026-05-26T05:51:00.378877426Z",
"id": "IN-MAL-2026-003633",
"versions": [
"2.1.143"
]
}
]
}"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@cometix/claude-code/MAL-2026-4376.json"
[
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
]
{
"package_integrity": [
{
"filename": "claude-code-2.1.147.tgz",
"hashes": {
"sha512_sri": "sha512-pq+XcMQN9+G1gndgePe5/0CiwQQuZWy5iv0OWCcwjgjuCHxABUUj78Cs5YKqsTQv04as/irlcteJC+6xEwYgGA==",
"sha1": "b1231fc00fc9d6298d1e333732c625bf077d5d22"
}
}
],
"domains": [
"34.8.16.104.in-addr.arpa"
],
"evidence_files": [
{
"path": "package.json",
"sha256": "28031f6a27561eef849bb721004210d9411594d7eba43b7aa21d045ca12e901c",
"tlsh": "06314a60c750aa235bc168e0b957110e5bd926c3cd887c8cbf92c78dae0e2df153a4bd"
},
{
"path": "install.cjs",
"sha256": "01ba1663becb1ef24c05bee80bbb074aaacec45898079d5401ffc30845c41a7e",
"tlsh": "ad5136c552fae61106661af7798b045e786894a26317fc6cfb8ccbdc6fca4508053f9c"
}
]
}