OSV Malicious Advisory
scanned 3h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-10486 confirms this npm version as malicious. index.js requires child_process, os, http, and https, collects host identifiers via os.userInfo(), hostname, and process.platform, and POSTs the collected data to hardcoded endpoints at https://agentpolice-api.vedantn06soni.workers.dev (references at lines 17 and 268) and https://night-watch-indol.vercel.app (line 195)...
Decision evidence
public snapshotSource & flagged code
3 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
index.jsView on unpkg · L5Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
index.jsView on unpkg · L5