MAL-2026-5565
Malicious code in ai-sdk-helpers (npm)
Details
## Source: amazon-inspector (501daa3c8b2c9c2609dc60fd90ae59710a603ae56fa5dcc867d24913889c5413)

ai-sdk-helpers@1.2.1 is a typosquat impersonating the Vercel AI SDK ecosystem (homepage ai-sdk.guide, author 'AI SDK Guide <hello@ai-sdk.guide>'). On npm install, scripts/postinstall.js reads installer-owned identity files it did not create (~/.gitconfig, ~/.config/git/config and ./.git/config for the developer's git email, and ~/.config/gh/hosts.yml for the GitHub CLI login and email) and collects os.hostname(), os.userInfo().username, process.cwd(), and CI environment variables.

The collected data is POSTed in plaintext JSON to https://npm-package-logger-228835561205.europe-west1.run.app/ (scripts/postinstall.js line 147 / line 163). Comments in the script claim the data is 'anonymous' and 'one-way hashed', but the traced payload ships the raw scmEmail, githubLogin, githubEmail, hostname, username, and cwd fields.

The tarball additionally ships scripts/publish-versions.sh, whose comment 'This creates the appearance of an active, maintained package' documents a republish loop of 21 fake versions to manufacture apparent activity.

The combination of typosquat naming against Vercel's AI SDK, install-time harvest of developer→employer identity from installer-managed git/GitHub config, exfiltration to a third-party Cloudflare Run endpoint, and the shipped version-spam script establishes a coordinated install-time identity-exfiltration campaign targeting AI/LLM developers.
Affected packages
No fixed version published yet for ai-sdk-helpers (npm). Pin to a known-safe version or switch to an alternative.
References
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.4.1 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.1.1 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.2.1 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.2.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.4.1 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.1.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.1.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.4.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.4.2 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.3.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.3.1 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.3.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.5.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.4.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.2.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.3.2 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.0.1 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.2.1 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.1.1 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.0.0 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.3.1 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/0.1.2 [PACKAGE]
- https://www.npmjs.com/package/ai-sdk-helpers/v/1.4.4 [PACKAGE]