OpenSSF/OSV advisory MAL-2026-10776 confirms this npm version as malicious. The OpenSSF Package Analysis project identified 'n8n-nodes-final-mile' @ 1.0.5 (npm) as malicious.
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in n8n-nodes-final-mile (npm)
Details
The OpenSSF Package Analysis project identified 'n8n-nodes-final-mile' @ 1.0.5 (npm) as malicious.
It is considered malicious because:
- The package executes one or more commands associated with malicious behavior.
Decision reason
OpenSSF Malicious Packages via OSV confirms n8n-nodes-final-mile@1.0.5 as malicious (MAL-2026-10776): Malicious code in n8n-nodes-final-mile (npm)