—

MAL-2026-4708

Malicious code in wallet-agent-ai (npm)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (3bb49d047eeab68307095cf3a30ff0d42d745855890f181e4cb53dc2f6903e91) dist/agent.js contains a hardcoded Telegram Bot API endpoint (https://api.telegram.org) used in a fetch/POST call near references to process.env. The package presents itself as a wallet/AI agent but ships a bot-token-bearing C2 channel inside its compiled JS, alongside a third-party API call to api.astrolescent.com. This is the canonical credential/data exfiltration pattern: caller-supplied or environment-derived data is POSTed to a Telegram bot controlled by the package author, giving the author silent access to whatever inputs or env values reach this code path. There is no legitimate reason for a wallet-related library to relay data through a hardcoded Telegram bot endpoint.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / wallet-agent-ai

No fixed version published yet for wallet-agent-ai (npm). Pin to a known-safe version or switch to an alternative.

References

https://www.npmjs.com/package/wallet-agent-ai/v/1.0.1 [PACKAGE]
https://www.npmjs.com/package/wallet-agent-ai/v/1.0.2 [PACKAGE]