OpenSSF/OSV advisory MAL-2026-10774 confirms this npm version as malicious. The OpenSSF Package Analysis project identified 'n8n-nodes-api-finder' @ 1.0.0 (npm) as malicious.
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in n8n-nodes-api-finder (npm)
Details
The OpenSSF Package Analysis project identified 'n8n-nodes-api-finder' @ 1.0.0 (npm) as malicious.
It is considered malicious because:
- The package executes one or more commands associated with malicious behavior.
Decision reason
OpenSSF Malicious Packages via OSV confirms n8n-nodes-api-finder@1.0.0 as malicious (MAL-2026-10774): Malicious code in n8n-nodes-api-finder (npm)