-= Per source details. Do not edit below this line.=-
On npm install -g @ornexus/neocortex, postinstall.js spawns install.sh (or install.ps1) which, by default, runs an install_coderabbit step that fetches https://cli.coderabbit.ai/install.sh and pipes it directly into sh (PowerShell equivalent on Windows). The fetch is unpinned (no version, no commit, no hash/signature verification), from a domain (cli.coderabbit.ai) unrelated to the package's stated publisher (ornexus / neocortex.sh), and unconditional — any compromise, DNS hijack, or content change at cli.coderabbit.ai yields arbitrary code execution on the installer's machine with the privileges of npm install -g. Additional aggressive lifecycle behavior compounds the concern: the same script silently npm uninstall -gs two other packages and removes a neocortex-cli binary from PATH, and it auto-registers MCP servers in the user's Claude Code config that will subsequently npx -y <pkg>@latest unpinned third-party packages on every Claude startup. The curl-pipe-sh from a non-publisher domain is the primary block basis; the other behaviors are unconsented mutations of installer state.
{
"malicious-packages-origins": [
{
"versions": [
"4.55.4"
],
"id": "IN-MAL-2026-004010",
"import_time": "2026-05-26T05:51:45.894592558Z",
"modified_time": "2026-05-21T20:05:46Z",
"sha256": "1462eaef8fde587e799c63a72f1b25c20302c8b37931442a2fc948829404d321",
"source": "amazon-inspector"
},
{
"versions": [
"4.55.4"
],
"id": "IN-MAL-2026-004009",
"import_time": "2026-05-26T05:51:45.775321022Z",
"modified_time": "2026-05-21T20:05:46Z",
"sha256": "bb66a92e1a8c414ee0c8877998a9587b7c8a4be3b9b27b76d874329a87bec5dc",
"source": "amazon-inspector"
},
{
"versions": [
"4.55.5"
],
"id": "IN-MAL-2026-004384",
"import_time": "2026-05-26T05:52:29.613968474Z",
"modified_time": "2026-05-23T22:12:01Z",
"sha256": "282b046894c2bc0b98fde7f613c5953a1260bdad57a3dd497d2abbf7b9a6c5d7",
"source": "amazon-inspector"
},
{
"sha256": "6c5d0c615cd8d559e82d028171e53a46b965176e61049fad203511d82a9015e8",
"id": "IN-MAL-2026-004385",
"import_time": "2026-05-26T05:52:29.72387359Z",
"modified_time": "2026-05-23T22:12:02Z",
"versions": [
"4.55.5"
],
"source": "amazon-inspector"
}
]
}{
"evidence_files": [
{
"tlsh": "9a739671e949d9f23649c26c69ca910533183217b90a7e09f95eb3083fdc35da2e637e",
"sha256": "68b7f11c381679ba8a9e53c7ceeb9102b63bc498ed846e14e80d892e9b426e3b",
"path": "install.sh"
}
],
"package_integrity": [
{
"filename": "neocortex-4.55.4.tgz",
"hashes": {
"sha512_sri": "sha512-hz22PnN7e+xGtJUSLkpndADjPfAUKXaoXVlwnfTdQVGs1cE28rw2wROHG/1U4wXQGq1dJbkXuCNLSEcJPUEYjg==",
"sha1": "f6897b819cd25261b3478b3810b6037f2403535a"
}
}
],
"domains": [
"api.neocortex.sh"
]
}
[
{
"name": "Embedded Malicious Code",
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature."
},
{
"cweId": "CWE-506",
"name": "Embedded Malicious Code",
"description": "The product contains code that appears to be malicious in nature."
}
]
"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@ornexus/neocortex/MAL-2026-4416.json"