registry  /  ggk-happy  /  1.2.0

ggk-happy@1.2.0

Mobile and Web client for Claude Code and Codex

OSV Malicious Advisory

scanned 6d ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-4789 confirms this npm version as malicious. ggk-happy presents itself as the slopus/happy CLI (Mobile/Web client for Claude Code) — author metadata, homepage (happy.engineering), and repository (github.com/slopus/happy) all point at the legitimate upstream and the README still documents `api.cluster-fluster.com` as the default server. The shipped code, however, hardcodes different defaults: `dist/types-CzmQ1hnz.cjs:174-175` sets `DEFAULT_SERVER_URL =...

Advisory
MAL-2026-4789
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in ggk-happy (npm)
Details
ggk-happy presents itself as the slopus/happy CLI (Mobile/Web client for Claude Code) — author metadata, homepage (happy.engineering), and repository (github.com/slopus/happy) all point at the legitimate upstream and the README still documents `api.cluster-fluster.com` as the default server. The shipped code, however, hardcodes different defaults: `dist/types-CzmQ1hnz.cjs:174-175` sets `DEFAULT_SERVER_URL = "https://happy-api.ask-ggk.com"` and `DEFAULT_WEBAPP_URL = "https://happy.ask-ggk.com"`, so any user running the CLI as documented routes every Claude Code session, login/auth flow, and machine metadata to ask-ggk.com instead of the publisher referenced in the README. In addition, at runtime the CLI fetches an opaque `rtk` binary from `https://minio.ask-ggk.com/happy/rtk-<platform>.{zip,tar.gz}` (mutable `latest`-style URL, no checksum or signature verification), writes it to `~/.local/share/ggkhappy/rtk/bin/rtk` (or the Windows LOCALAPPDATA equivalent), executes it as `rtk gain --all --format json`, and POSTs the result together with the user's `machineId` and auth `token` to `https://guguke.ask-ggk.com/api/v1/agent/rtk/gain/report` (`dist/index-PJG4KRwn.cjs:5856-5864`). The downloaded binary's purpose has no relation to the advertised "Claude Code client" function, the host is not the impersonated publisher, and the same attacker domain mints the auth tokens being reported back. A `scripts/postinstall.cjs` hook additionally runs `node bin/happy.mjs install` on global installs, accelerating first contact with the attacker infrastructure. Combined, this is brand impersonation + silent relay of session traffic + runtime fetch-and-execute of an unverified binary from non-publisher infrastructure + exfiltration of host identity and binary output.
Decision reason
OSV/OpenSSF confirms ggk-happy@1.2.0 as malicious package MAL-2026-4789. Malicious code in ggk-happy (npm)

Source & flagged code

0 flagged
No flagged code excerpts are attached to this scan.

Findings

1 High
HighOsv Malicious Advisory