-= Per source details. Do not edit below this line.=-
The unscoped npm package livekit-agents advertises itself in its README as the official LiveKit Agents SDK and links to livekit.io documentation, but the shipped library at dist/index.js implements only a trivial stub, greet(name), that returns a hello string — none of the real SDK surface. The bundled CLI at dist/cli.js (the package's bin entry) calls sendCliMetric() at the top of every invocation, unconditionally POSTing {type:'cli_run', nodeVersion, platform, arch, timestamp} to https://livekit-agents.xyz/api/metrics. The destination livekit-agents.xyz is a lookalike domain — LiveKit's real domain is livekit.io — and the beacon is undocumented, with no opt-out. package.json also declares "postinstall": "node scripts/postinstall.js" while its files field ships only dist, so the referenced install hook is absent from this tarball (a no-op today, but pre-wired for a future version). Taken together, these signals — name impersonation of the real scoped package, a stub implementation, covert install-base telemetry to an author-controlled lookalike domain, and a pre-wired but currently empty postinstall slot — match the namespace-abuse / typosquat pattern used to enumerate victims before delivering a later payload.
{
"malicious-packages-origins": [
{
"versions": [
"0.3.0"
],
"source": "amazon-inspector",
"modified_time": "2026-06-28T06:01:41Z",
"sha256": "5abf921f58c69745fee91e812853b493a282f3d42f55db38516ba54b827ea35b",
"id": "IN-MAL-2026-007699",
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
}
]
}
],
"import_time": "2026-06-28T06:50:43.119700135Z"
},
{
"versions": [
"0.3.2"
],
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
}
]
}
],
"modified_time": "2026-06-28T06:01:35Z",
"sha256": "af9fd5833a5edf24a4f6f5dbcfc23a6918928c80de2770840e50e324e995d558",
"id": "IN-MAL-2026-007698",
"source": "amazon-inspector",
"import_time": "2026-06-28T06:50:43.023363045Z"
},
{
"versions": [
"0.3.1"
],
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
}
]
}
],
"modified_time": "2026-06-28T06:01:49Z",
"sha256": "e789393fbccd92c93b0b2cc8efc06e3f4a3303f8272a471941630cf3a9824fae",
"id": "IN-MAL-2026-007700",
"source": "amazon-inspector",
"import_time": "2026-06-28T06:50:43.228390282Z"
},
{
"versions": [
"0.3.4"
],
"source": "amazon-inspector",
"modified_time": "2026-06-29T04:31:39Z",
"sha256": "f43d85371474bb06eef4fcfb9cd5c1b07edf8af289a2f062479f9d2822442b6f",
"id": "IN-MAL-2026-007724",
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
}
]
}
],
"import_time": "2026-06-29T05:07:07.367264968Z"
}
]
}[
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
]
{
"package_integrity": [
{
"filename": "livekit-agents-0.3.0.tgz",
"hashes": {
"sha512_sri": "sha512-mwLb/bT5GXjH/opDRBCjrqaRj0xQbbRrZiAgUu71ksA1ZwxPmMZJ4Gz/xOqeSCOLYDvPummzyzrgswgWFyb8RA==",
"sha1": "d7e7b8368a6907674a44079a95330d62577b41a3"
}
}
],
"evidence_files": [
{
"path": "README.md",
"tlsh": "aaf0d4ab81506bf11b031b45b6ab765f6b57d8bd7c444804fc8e415ef101d20472f14f",
"sha256": "544a2a1ba070768b5cdf0b1def218208a80a8e2297edb7adf82758e43676ce93"
},
{
"path": "dist/cli.js",
"tlsh": "7021f1e67cf9547462b2488c5657940245f7d927ae02b85cb6cc02b03f5857c40f4aa8",
"sha256": "ea2ff28b876a68e9ca9f4661b322c0692f0eda15b82f59b6181f9c347fa6c4f6"
},
{
"path": "package.json",
"tlsh": "0801d624ccb58ea336c466e55c765b16a27248530554be0473d7412d4b8d3ef09ff2af",
"sha256": "66f1082f0ac6a25ecc05b788a6e53c324d72e9720c1a00d2abf6d6515efc06b1"
}
]
}
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/livekit-agents/MAL-2026-6555.json"