MAL-2026-4768
Malicious code in sklern (PyPI)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (1495d93dccc77a422f70d192ef4d8dcd53b0c990fff43e68bc2a0eca301e5d10)

Package name 'sklern' is a one-character deletion from the top-tier ML package 'sklearn', and its public API (linear_regression, logistic_regression, decision_tree, perceptron, mlp, etc.) mimics sklearn's surface but the functions do not implement ML — they print code strings. On `import sklern`, src/sklern/__init__.py loads src/sklern/ai_helper.py, which at module top level instantiates a Groq client with a hardcoded API key (`Groq(api_key="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")`). The exported `get1(prompt)` function — re-exported in `__all__` — sends the caller's prompt to api.groq.com using that hardcoded key, with no mechanism for the caller to override the destination or credential. PKG-INFO description is the placeholder 'Example PyPI package' and README references 'sample_package'. A developer who mistypes 'sklearn' as 'sklern' installs a package that (a) does not provide the ML functionality its API names suggest, (b) ships a live third-party credential that any installer can extract and abuse against api.groq.com, and (c) silently relays caller-supplied prompt data through the author's Groq account where it may be logged. The combination of name-confusion attack + credential distribution + silent-relay of caller data is the typosquat-with-payload pattern.
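Two defender-side checks for the pattern described above, added here as an example and not part of the advisory or of the package: a typosquat check that flags requirement names one edit away from an allow-list of well-known packages, and a scan of module source for literal API keys such as a `gsk_`-prefixed Groq key passed straight into a client constructor. The allow-list, the sample requirements file and the sample module source are constructed, and the key in the sample is a placeholder.

```python
import re

# Constructed allow-list of names a developer is likely to mean (assumption).
KNOWN_GOOD = {"scikit-learn", "sklearn", "numpy", "pandas", "requests", "scipy"}

# Literal-credential patterns; the gsk_ prefix follows the advisory's finding.
SECRET_PATTERNS = {
    "groq_api_key": re.compile(r"\bgsk_[A-Za-z0-9]{20,}\b"),
    "client_literal_key": re.compile(r"\w+\(\s*api_key\s*=\s*['\"][^'\"]+['\"]"),
}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: one deletion turns 'sklearn' into 'sklern'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def typosquat_candidates(name: str, known=KNOWN_GOOD, max_dist: int = 1) -> list:
    """Known names within max_dist edits of `name`, excluding an exact match."""
    name = name.lower()
    return sorted(k for k in known if k != name and edit_distance(name, k) <= max_dist)

def check_requirements(text: str) -> list:
    """Flag requirement lines whose package name is one edit from a known name."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Strip version specifiers, extras and markers to get the bare name.
        pkg = re.split(r"[<>=!~\[; ]", line, maxsplit=1)[0]
        near = typosquat_candidates(pkg)
        if near:
            findings.append((pkg, near))
    return findings

def find_hardcoded_secrets(source: str) -> list:
    """(pattern name, line number) for literal credentials in module source."""
    return [(label, no) for no, line in enumerate(source.splitlines(), 1)
            for label, pat in SECRET_PATTERNS.items() if pat.search(line)]

# Constructed samples mirroring the advisory; the key is a placeholder, not real.
SAMPLE_REQUIREMENTS = "numpy>=1.26\nsklern==0.0.11\nrequests\n"
SAMPLE_MODULE = 'from groq import Groq\nclient = Groq(api_key="gsk_PLACEHOLDER0000000000000000")\n'
```

Running `check_requirements` over a lockfile before install, and `find_hardcoded_secrets` over a freshly downloaded sdist, catches both halves of this advisory's pattern before `import` executes the module-level client setup.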
Affected packages
No fixed version published yet for sklern (pip). Pin to a known-safe version or switch to an alternative.
References
- https://pypi.org/project/sklern/0.0.8/ [PACKAGE]
- https://pypi.org/project/sklern/0.0.7/ [PACKAGE]
- https://pypi.org/project/sklern/0.0.10/ [PACKAGE]
- https://pypi.org/project/sklern/0.0.6/ [PACKAGE]
- https://pypi.org/project/sklern/0.0.11/ [PACKAGE]
- https://pypi.org/project/sklern/0.0.9/ [PACKAGE]