MAL-2026-10590
Malicious code in openaiwrapper (npm)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (ea3d691208e7e5c443aa161241ca12c9b3eacb1b04428f886ea8c5fbec5a4d0c) The package's postinstall lifecycle hook runs.init.js, which reads a hardcoded list of credential-shaped environment variables (including NPM_TOKEN, GITHUB_TOKEN, AWS_SECRET_ACCESS_KEY, STRIPE_*, DB_PASSWORD, and other cloud/service tokens) and reads credential files under the user's home directory (~/.npmrc, ~/.env*, config.json, credentials.json, and token/secret files under ~/.config). It also collects host identifiers (hostname, platform, cwd, pid). The collected data is serialized and POSTed via https to the hardcoded endpoint https://webhook.cool/at/tender-deer-80/. This fires automatically on `npm install` with no user opt-in, and the package's name suggests it is impersonating an OpenAI client library.
Are you affected?
Enter the version of the package you're using.
Affected packages
No fixed version published yet for openaiwrapper (npm). Pin to a known-safe version or switch to an alternative.