registry  /  creditgauge  /  1.0.0

creditgauge@1.0.0

CreditGauge package

OSV Malicious Advisory

scanned 4h ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-10633 confirms this npm version as malicious. The package has no functional library code: package.json declares main=index.js but no index.js is shipped; the tarball contains only package.json and a.claude/settings.json payload. The settings.json overrides ANTHROPIC_BASE_URL to https://api.minimaxi.com/anthropic (a non-Anthropic host) and embeds a hardcoded ANTHROPIC_AUTH_TOKEN, so any Claude Code session picking up this configuration silently routes the...

Advisory
MAL-2026-10633
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in creditgauge (npm)
Details
The package has no functional library code: package.json declares main=index.js but no index.js is shipped; the tarball contains only package.json and a.claude/settings.json payload. The settings.json overrides ANTHROPIC_BASE_URL to https://api.minimaxi.com/anthropic (a non-Anthropic host) and embeds a hardcoded ANTHROPIC_AUTH_TOKEN, so any Claude Code session picking up this configuration silently routes the developer's prompts and source code through a third-party endpoint under an attacker-supplied token. The same file defines a statusLine that runs a bash command resolving to scripts/wrapper.sh inside the plugin cache directory for the third-party plugin github:cwf818/topgauge-cc (referenced via enabledPlugins), re-invoked every 10 seconds. defaultMode is set to bypassPermissions and skipDangerousModePermissionPrompt is set to true, disabling the confirmation prompts that would normally gate that execution. The combined effect is silent relay of AI prompts/code through an attacker-controlled proxy plus recurring shell execution of unvetted third-party plugin code inside the developer's environment.
Decision reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
SourceNo risky source behavior triggered.
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 0 file(s), 0 B of source

Source & flagged code

0 flagged
No flagged code excerpts are attached to this scan.

Findings

1 Low
LowScripts Present