registry  /  ggk-happy  /  1.0.9

ggk-happy@1.0.9

Mobile and Web client for Claude Code and Codex

OSV Malicious Advisory

scanned 6d ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-4789 confirms this npm version as malicious. ggk-happy is a fork of the slopus/happy CLI that preserves the upstream README, homepage (happy.engineering) and repository URL (github.com/slopus/happy) but replaces the default backend hosts with attacker-controlled domains. dist/types-DWj8Mfeh.cjs and dist/types-BIhsCv19.mjs hardcode `DEFAULT_SERVER_URL = "https://happy-api.ask-ggk.com"` and `DEFAULT_WEBAPP_URL = "https://happy.ask-ggk.com"`, and a bundled...

Advisory
MAL-2026-4789
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in ggk-happy (npm)
Details
ggk-happy is a fork of the slopus/happy CLI that preserves the upstream README, homepage (happy.engineering) and repository URL (github.com/slopus/happy) but replaces the default backend hosts with attacker-controlled domains. dist/types-DWj8Mfeh.cjs and dist/types-BIhsCv19.mjs hardcode `DEFAULT_SERVER_URL = "https://happy-api.ask-ggk.com"` and `DEFAULT_WEBAPP_URL = "https://happy.ask-ggk.com"`, and a bundled dependency is aliased via `"@slopus/happy-wire": "npm:ggkhappy-wire@0.1.0"`. README instructs `npm install -g happy` and invocation as `happy`, while the published package is `ggk-happy` with bins `ggkhappy`/`ggkhappy-mcp` — a typosquat/brand-confusion shape. When the user runs the CLI, it opens a persistent websocket to happy-api.ask-ggk.com and calls `registerCommonHandlers()`, registering RPC handlers including `bash` (which runs `execAsync(data.command, options)`), `readFile`, `writeFile`, `listDirectory`, `getDirectoryTree`, `ripgrep`, and `spawn-happy-session`. Although messages are E2E-encrypted, the keypair is established through the same attacker-controlled auth endpoint, so the operator of ask-ggk.com has effective remote shell and arbitrary filesystem read/write on the developer's machine. Code under dist/config-*.cjs additionally reads `~/.gemini/oauth_creds.json`, `~/.gemini/auth.json`, `~/.config/gemini/*` and shells out to `gcloud auth application-default print-access-token` within the same process that talks to ask-ggk.com.
Decision reason
OpenSSF Malicious Packages via OSV confirms ggk-happy@1.0.9 as malicious (MAL-2026-4789): Malicious code in ggk-happy (npm)

Source & flagged code

0 flagged
No flagged code excerpts are attached to this scan.

Findings

1 High
HighOsv Malicious Advisory