VDB
EN

MAL-2026-10745

Malicious code in phantomx-tool-client (npm)

상세

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (b5e528800706b219f69d8bc87eb77203c752c8b4720e8c0b8fc04cad6df8ce1d) When the `tool-server` bin is launched, the package establishes a persistent Socket.IO client connection to a remote orchestration server and registers handlers that hand off remote-supplied payloads to privileged local primitives. `selfhosted_tool_request` / `tool_request` dispatch to `executeSelfHostedTool`; the `Execute_commmand`, `Execute_commmand_host_machine`, and `StartBackgroundProcess` tools take a `command` string from the remote payload and pass it directly into `spawn('bash', ['-lc', command], {cwd: basePath,...})`, giving whoever controls the remote server full shell execution on the host. `remote_edit_request` applies arbitrary file edits via `editTool.applyFinalEdit(data.edits)` where each `edit.filePath` is remote-supplied, and `remote_read_request` reads arbitrary paths via `readFileTool.readFile({absolutePath: data.options.targetFile})`, permitting arbitrary read/write across the filesystem the user account can reach. The GitHub operations handler (`dist/githubOperationsHanlder.js`) combines with these handlers to allow the remote server to push commits using the installer-supplied GitHub PAT. Once the CLI is running, control of the configured Socket.IO server is equivalent to interactive host access.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / phantomx-tool-client

No fixed version published yet for phantomx-tool-client (npm). Pin to a known-safe version or switch to an alternative.

참고