
nolimit-agent@1.0.311

Advanced email sender

AI Security Review

scanned 4d ago · by lpm-firewall-ai

Dangerous dual-use bulk email/phishing automation is present, including webmail DOM injection, SMTP/OAuth sending, contact extraction, and SMS gateway targeting. No confirmed hidden install-time exfiltration was found.

Static reason
  • High-risk behavior combination matched malicious policy
  • Source matched previously finalized malicious package; routed for review
  • Source fingerprint signature matched known malicious package; routed for review
Trigger
User runs nolimit CLI commands such as web/auth/extract/send or loads the generated Chrome extension.
Impact
Can automate phishing/spam delivery and harvest contacts from configured accounts; install itself only creates a Windows shim.
Mechanism
user-invoked bulk email, webmail injection, and mailbox contact harvesting tooling
Attack narrative
The package is not a typical install-time credential stealer: postinstall only creates a Windows command shim. However, its shipped CLI is obfuscated and clearly implements high-risk email abuse capabilities: webmail panel injection that sends messages through logged-in sessions, OAuth/IMAP contact extraction, SMTP/OAuth sending, DKIM/SPF targeting, replay/spoof recommendations, and SMS gateway targeting.
Rationale
Static source inspection confirms dangerous user-invoked phishing/spam automation, but not a hidden npm lifecycle compromise or unconsented exfiltration path. Treat as suspicious/dangerous capability rather than publish-block malware.
Evidence
  • package.json
  • scripts/postinstall.js
  • .ad/x0.js
  • .ad/x1.js
  • .ad/web-command.js
  • .ad/x12.js
  • src/web-panel/ws.js
  • templates/smtps.txt
  • phonebook/config.json
  • smtps.txt
  • contacts/
  • dkim_keys/
Network endpoints (8)
  • 127.0.0.1:9227
  • httpbin.org
  • dns.google/resolve
  • graph.microsoft.com
  • people.googleapis.com
  • smtp.gmail.com
  • smtp.office365.com
  • smtp.mail.yahoo.com

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • the package's main/bin entry point, .ad/x0.js, is heavily obfuscated and implements a bulk email/red-team CLI
  • src/web-panel/ws.js injects a webmail panel that fills and clicks Send in Gmail/Outlook/Yahoo
  • .ad/web-command.js generates a Chrome extension with <all_urls> and scripting permission, then injects ws.js into active tabs
  • .ad/x12.js reads OAuth/IMAP mailboxes and extracts contact addresses to local files
  • .ad/x0.js/.ad/x1.js include DKIM/SPF analysis, replay/direct spoof recommendations, SMTP sending, and contact extraction workflows
  • package ships phishing-like templates and phonebook SMS gateway tooling
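The extension finding above turns on one permission combination: broad host access together with the scripting permission. The following manifest audit is an added example, not code from the package or from the scanner; the two manifests are constructed (the first shaped like what the finding describes, the second a narrowly scoped control), and the permission groupings and risk labels are this example's own assumptions rather than Chrome's or the scanner's taxonomy. It handles the MV2/MV3 difference in where host patterns live and also counts content-script matches, which a naive check of host_permissions misses.

```python
"""Chrome extension manifest audit for the broad-access combination the scan reports.

Added example, not code from the package or the scanner. Manifests below are constructed;
permission groupings and risk labels are assumptions of this example.
"""
import json

BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*", "file:///*"}
CODE_EXEC = {"scripting", "debugger"}                                    # run code in pages
OBSERVE = {"tabs", "cookies", "webRequest", "webNavigation", "history"}  # watch or read sessions
LEVELS = {"none": 0, "medium": 1, "high": 2}


def host_grants(manifest):
    """Collect host patterns from wherever the manifest version puts them.

    MV2 lists host patterns inside "permissions"; MV3 moved them to "host_permissions".
    Content-script "matches" grant page access too and are easy to overlook.
    """
    perms = set(manifest.get("permissions", []))
    hosts = set(manifest.get("host_permissions", []))
    hosts |= {p for p in perms if p in BROAD_HOSTS or "://" in p}
    for cs in manifest.get("content_scripts", []):
        hosts |= set(cs.get("matches", []))
    return hosts


def audit_manifest(manifest):
    perms = set(manifest.get("permissions", []))
    hosts = host_grants(manifest)
    broad = hosts & BROAD_HOSTS
    findings = []
    if broad and perms & CODE_EXEC:
        findings.append(("high", f"{sorted(broad)} with {sorted(perms & CODE_EXEC)}: "
                                 "can execute script in any open tab, including logged-in webmail"))
    if broad and perms & OBSERVE:
        findings.append(("medium", f"{sorted(broad)} with {sorted(perms & OBSERVE)}: "
                                   "can enumerate or read every tab/session"))
    if any(set(cs.get("matches", [])) & BROAD_HOSTS for cs in manifest.get("content_scripts", [])):
        findings.append(("medium", "content script auto-injected into every site"))
    level = max((LEVELS[lvl] for lvl, _ in findings), default=0)
    risk = [name for name, value in LEVELS.items() if value == level][0]
    return {"risk": risk, "broad_hosts": sorted(broad), "findings": findings}


def audit_manifest_json(text):
    return audit_manifest(json.loads(text))


# Constructed MV3 manifest shaped like the one the finding describes.
GENERATED_MANIFEST = json.dumps({
    "manifest_version": 3, "name": "constructed-sample", "version": "0.0.1",
    "permissions": ["scripting", "tabs"],
    "host_permissions": ["<all_urls>"],
    "background": {"service_worker": "bg.js"},
})
# Constructed MV2 control: one host, no code-execution permission.
SCOPED_MANIFEST = json.dumps({
    "manifest_version": 2, "name": "constructed-control", "version": "0.0.1",
    "permissions": ["storage", "https://example.com/*"],
})

if __name__ == "__main__":
    for label, text in (("generated", GENERATED_MANIFEST), ("scoped", SCOPED_MANIFEST)):
        print(label, audit_manifest_json(text))
```

Run it against the manifest the package writes out (the page does not reproduce it, so the sample above is a stand-in); a "high" result with <all_urls> in broad_hosts is the combination the finding describes.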
Evidence against
  • scripts/postinstall.js only runs on Windows to create nolimit.cmd for .ad/x0.js and does not harvest or exfiltrate
  • No install-time network call or import-time payload execution found beyond the postinstall shim
  • Observed contact extraction and webmail sending are CLI/user-invoked features, not hidden lifecycle behavior
Behavioral surface
Source: ChildProcess, Filesystem, Shell
Supply chain: HighEntropyStrings
Manifest: no manifest risk signals triggered
scanned 2 file(s), 19.0 KB of source

Source & flagged code

5 flagged

package.json
scripts.postinstall = node scripts/postinstall.js
High · Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node scripts/postinstall.js
Medium · Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.

src/web-panel/ws.js
line 269: contains invisible/control Unicode U+202A (LEFT-TO-RIGHT EMBEDDING), closed by U+202C (POP DIRECTIONAL FORMATTING)
const sendBtn = document.querySelector('[data-tooltip="Send <U+202A>(Ctrl-Enter)<U+202C>"]') ||
Critical · Trojan Source Unicode
Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks. In the flagged line the embedding opens and closes inside the selector string literal, so it changes which element the selector matches rather than how the surrounding code reads; before treating this as a code-reordering attack, confirm that no bidi control is left unterminated at the end of a literal or comment and that none sits in bare code.
src/web-panel/ws.js · L269
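The check described above, as an added example that is not part of the package or of the scanner: it walks each line tracking string literals and line comments, records every bidi or invisible code point, and reports whether every bidi scope that opens inside a literal or comment also closes there (which is what the Trojan Source paper's attacks violate and what compiler lints now test for). The literal/comment tracking is a simple JavaScript-flavoured heuristic, an assumption of this example rather than a parser, and both samples are constructed: the first mirrors the flagged ws.js selector, the second is the paper's stretched-string pattern.

```python
"""Trojan Source (bidi/invisible Unicode) checker.

Added example, not code from the scanned package or the scanner. Samples are constructed;
the string/comment tracking is a deliberate simplification (no block comments, no regex literals).
"""
import unicodedata

OPEN_EMBED = {0x202A, 0x202B, 0x202D, 0x202E}   # LRE, RLE, LRO, RLO: scope closed by PDF
PDF = 0x202C                                     # POP DIRECTIONAL FORMATTING
OPEN_ISOLATE = {0x2066, 0x2067, 0x2068}          # LRI, RLI, FSI: scope closed by PDI
PDI = 0x2069                                     # POP DIRECTIONAL ISOLATE
MARKS = {0x200E, 0x200F}                         # LRM, RLM: no scope
INVISIBLE = {0x200B, 0x200C, 0x200D, 0x2060, 0xFEFF}  # ZWSP, ZWNJ, ZWJ, WJ, BOM
SUSPECT = OPEN_EMBED | {PDF} | OPEN_ISOLATE | {PDI} | MARKS | INVISIBLE


def _scan_line(line, lineno):
    """Return (findings, unterminated) for one line.

    unterminated counts bidi scopes still open when a string literal closes or the line ends;
    that leak is what lets displayed and compiled logic diverge.
    """
    findings, stack, unterminated = [], [], 0
    quote, in_comment, i = None, False, 0
    while i < len(line):
        ch, cp = line[i], ord(line[i])
        if quote:
            if ch == "\\":                 # skip the escaped character inside the literal
                i += 2
                continue
            if ch == quote:                # literal closes: any open scope is unterminated
                unterminated += len(stack)
                stack, quote = [], None
        elif not in_comment:
            if ch in "'\"`":
                quote = ch
            elif line.startswith("//", i):
                in_comment = True
        if cp in SUSPECT:
            findings.append({
                "line": lineno, "col": i + 1, "codepoint": f"U+{cp:04X}",
                "name": unicodedata.name(ch, "?"),
                "context": "string" if quote else ("comment" if in_comment else "code"),
            })
            if cp in OPEN_EMBED or cp in OPEN_ISOLATE:
                stack.append(cp)
            elif cp == PDF and stack and stack[-1] in OPEN_EMBED:
                stack.pop()
            elif cp == PDI and any(s in OPEN_ISOLATE for s in stack):
                while stack.pop() not in OPEN_ISOLATE:  # PDI also closes embeddings inside the isolate
                    pass
        i += 1
    return findings, unterminated + len(stack)


def scan_source(text):
    """Scan a source file and return its findings plus a verdict.

    'clean'              : no suspect code points
    'balanced-in-literal': every bidi scope opens and closes inside the same string/comment
                           (consistent with matching real UI text, as in the flagged selector)
    'unterminated-bidi'  : a scope leaks out of its literal/comment, or a control sits in bare code
    """
    findings, unterminated = [], 0
    for lineno, line in enumerate(text.splitlines(), 1):
        f, u = _scan_line(line, lineno)
        findings.extend(f)
        unterminated += u
    if not findings:
        verdict = "clean"
    elif unterminated or any(f["context"] == "code" for f in findings):
        verdict = "unterminated-bidi"
    else:
        verdict = "balanced-in-literal"
    return {"findings": findings, "verdict": verdict}


# Constructed sample modelled on the flagged ws.js line (LRE ... PDF around "(Ctrl-Enter)").
SAMPLE_WS = ('const sendBtn = document.querySelector(\'[data-tooltip="Send \u202a(Ctrl-Enter)\u202c"]\') ||\n'
             '  null;\n')
# Constructed stretched-string attack from the Trojan Source paper: an RLO and an LRI never closed.
SAMPLE_TROJAN = 'if (accessLevel != "user\u202e \u2066// Check if admin\u2069 \u2066") {\n'

if __name__ == "__main__":
    for name, src in (("ws.js-like", SAMPLE_WS), ("trojan", SAMPLE_TROJAN)):
        r = scan_source(src)
        print(name, r["verdict"], [(f["line"], f["codepoint"], f["context"]) for f in r["findings"]])
```

A "balanced-in-literal" verdict does not make the file benign (the surrounding code is still a webmail-injection panel); it only says the bidi pair is not doing the reordering trick the Critical label implies, which is the distinction a reviewer needs when triaging this class of finding.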
scripts/postinstall.js
matchType = normalized_sha256
matchedPackage = nolimit-agent@1.0.308
matchedPath = scripts/postinstall.js
matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.308
similarity = 1.000
summary = normalized source hash matched finalized malicious source
High · Known Malware Source Similarity
Source file is highly similar to a previously finalized malicious package; route for source-aware review.

scripts/postinstall.js
matchType = malicious_source_fingerprint_signature
signature = cbd26ae1248ea37f
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = nolimit-agent@1.0.308
matchedPath = scripts/postinstall.js
matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.308
similarity = 1.000
shingleOverlap = 1
summary = package final verdict is malicious
High · Known Malware Source Fingerprint Signature
Source fingerprint signature matches a known malicious package signature; route for source-aware review.

Both matches are against the previous release of this same package (the middle segment of matchedIdentity is the package name base64-encoded with padding stripped), and the matched file is the postinstall shim that the review above already judged not to harvest or exfiltrate. These two High findings therefore inherit the earlier version's verdict rather than adding new evidence about this file.
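The two findings above report a normalized source hash with similarity 1.000 and a fingerprint signature with a shingle overlap, but the page does not say how either is computed. The following is an added example of how such matching is typically built, not the scanner's code: the normalization (strip JS comments, tokenize, join tokens with one space), the 4-token shingle window, the 0.6 threshold and the MaliciousIndex class are all assumptions of this example, and the three sample sources are constructed to resemble a Windows-only postinstall shim. It shows why a reformatted copy hashes identically while a lightly edited copy only scores on shingle overlap.

```python
"""Normalized-hash and shingle-fingerprint matching against known-malicious source.

Added example, not the scanner's code. Normalization, shingle size, threshold and the
sample sources are assumptions of this example.
"""
import hashlib
import re

_COMMENT_RE = re.compile(r"//[^\n]*|/\*.*?\*/", re.S)   # naive: also eats "//" inside string literals
_TOKEN_RE = re.compile(r"[A-Za-z_$][\w$]*|\d+|\S")      # identifiers, numbers, single punctuation


def tokens(src):
    return _TOKEN_RE.findall(_COMMENT_RE.sub(" ", src))


def normalize(src):
    """Token stream joined by single spaces: immune to reformatting and comment changes."""
    return " ".join(tokens(src))


def normalized_sha256(src):
    return hashlib.sha256(normalize(src).encode("utf-8")).hexdigest()


def shingles(src, k=4):
    """Set of hashed k-token windows; survives small edits where an exact hash does not."""
    toks = tokens(src)
    windows = [" ".join(toks[i:i + k]) for i in range(max(len(toks) - k + 1, 1))]
    return {hashlib.blake2b(w.encode("utf-8"), digest_size=8).hexdigest() for w in windows}


def jaccard(a, b):
    union = a | b
    return len(a & b) / len(union) if union else 0.0


class MaliciousIndex:
    """Tiny stand-in for a finalized-malicious corpus keyed by normalized hash and shingle set."""

    def __init__(self):
        self.by_hash = {}
        self.by_shingles = []

    def add(self, package, path, src):
        self.by_hash[normalized_sha256(src)] = (package, path)
        self.by_shingles.append((package, path, shingles(src)))

    def match(self, src, threshold=0.6):
        """Exact normalized-hash hit first, else the best shingle Jaccard at or above threshold."""
        hit = self.by_hash.get(normalized_sha256(src))
        if hit:
            return {"matchType": "normalized_sha256", "matchedPackage": hit[0],
                    "matchedPath": hit[1], "similarity": 1.0}
        s = shingles(src)
        score, pkg, path = max(((jaccard(s, ss), p, f) for p, f, ss in self.by_shingles),
                               default=(0.0, None, None))
        if score >= threshold:
            return {"matchType": "shingle_similarity", "matchedPackage": pkg,
                    "matchedPath": path, "similarity": round(score, 3)}
        return None


# Constructed "finalized malicious" source: a Windows-only shim like the one the report describes.
KNOWN = r"""const fs = require('fs'); const path = require('path');
// create a Windows shim that forwards to the CLI
if (process.platform === 'win32') {
  fs.writeFileSync(path.join(__dirname, '..', 'nolimit.cmd'), '@node "%~dp0\.ad\x0.js" %*');
}
"""
# Same code, reformatted and re-commented: must hash identically.
REFORMATTED = r"""const fs=require('fs');const path=require('path');
/* windows shim */
if(process.platform==='win32'){fs.writeFileSync(path.join(__dirname,'..','nolimit.cmd'),'@node "%~dp0\.ad\x0.js" %*');}
"""
# One extra statement: the exact hash misses, the shingle overlap still matches.
MODIFIED = KNOWN + "console.log('shim installed');\n"

if __name__ == "__main__":
    idx = MaliciousIndex()
    idx.add("nolimit-agent@1.0.308", "scripts/postinstall.js", KNOWN)
    for name, src in (("reformatted", REFORMATTED), ("modified", MODIFIED)):
        print(name, idx.match(src))
```

The practical consequence for triage is the one visible on this page: a file carried forward unchanged between releases of the same package will always score 1.000 against its earlier self, so a similarity hit needs the matched package name checked before it is read as independent corroboration.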

Findings

1 Critical · 3 High · 2 Medium · 4 Low
  • Critical · Trojan Source Unicode · src/web-panel/ws.js
  • High · Install Time Lifecycle Scripts · package.json
  • High · Known Malware Source Similarity · scripts/postinstall.js
  • High · Known Malware Source Fingerprint Signature · scripts/postinstall.js
  • Medium · Ambiguous Install Lifecycle Script · package.json
  • Medium · Structural Risk Force Deep Review
  • Low · Non Install Lifecycle Scripts
  • Low · Scripts Present
  • Low · Filesystem
  • Low · High Entropy Strings