registry  /  getd-content-management  /  0.0.1

getd-content-management@0.0.1

OSV Malicious Advisory

scanned 3h ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-5465 confirms this npm version as malicious. The unscoped package name 'getd-content-management' impersonates the legitimate @getd/* npm scope (acknowledged in the package's own README). On `npm install`, the postinstall.js lifecycle script collects host identifiers via `os.hostname()`, `os.userInfo().username`, `os.platform()`, `process.cwd()`, and CI-related environment variables (CI, BUILD_BUILDID, AGENT_NAME), and transmits them as query-string parameters...

Advisory
MAL-2026-5465
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in getd-content-management (npm)
Details
The unscoped package name 'getd-content-management' impersonates the legitimate @getd/* npm scope (acknowledged in the package's own README). On `npm install`, the postinstall.js lifecycle script collects host identifiers via `os.hostname()`, `os.userInfo().username`, `os.platform()`, `process.cwd()`, and CI-related environment variables (CI, BUILD_BUILDID, AGENT_NAME), and transmits them as query-string parameters in an HTTPS GET request to `https://webhook.site/18dc4281-d366-438a-9186-76fbcd56ade5` — a generic third-party request-capture service unrelated to any publisher infrastructure. Errors are silently swallowed so the installer sees no indication the call occurred. The combination of name-confusion against an existing scope and silent install-time beaconing of internal hostnames, user accounts, build paths, and CI agent identity to an attacker-controlled capture URL is operationally indistinguishable from a malicious typosquat regardless of how the README frames the behavior.
Decision reason
OpenSSF Malicious Packages via OSV confirms getd-content-management@0.0.1 as malicious (MAL-2026-5465): Malicious code in getd-content-management (npm)

Source & flagged code

0 flagged
No flagged code excerpts are attached to this scan.

Findings

1 High
HighOsv Malicious Advisory