
nolimit-agent@1.0.314

Advanced email sender

AI Security Review

scanned 4d ago · by lpm-firewall-ai

The package is an obfuscated mass-email/phishing automation toolkit with browser webmail injection and contact extraction features. Install-time code only creates a Windows command shim, but runtime commands provide concrete abuse capability.

Static reason
High-risk behavior combination matched malicious policy; source matched previously finalized malicious package (routed for review); source fingerprint signature matched known malicious package (routed for review).
Trigger
Installing exposes nolimit CLI; user running CLI web/send/contacts/oauth commands activates behavior.
Impact
Can automate unsolicited email delivery, abuse active webmail sessions, store OAuth/SMTP tokens, and extract contacts from configured accounts.
Mechanism
Obfuscated spam/phishing sender with webmail automation and credential/contact handling.
Attack narrative
After installation the package exposes an obfuscated nolimit CLI. Runtime commands can launch a Chrome extension that injects a panel into active webmail pages and clicks compose/send across target lists, while other commands save OAuth/SMTP credentials and extract contacts from mailbox data. This is packaged as an email sender/red-team tool, but the concrete capabilities align with phishing and spam infrastructure.
Rationale
Source inspection confirms obfuscated runtime code for mass email delivery, webmail session automation, token storage, and contact extraction, which is a concrete abuse surface beyond benign email tooling. The postinstall hook alone is not malicious, but the package's shipped entrypoints and templates establish malicious phishing/spam capability. Product guard normalized a non-low false-positive publish_block request to warn-only suspicious.
Evidence
  • package.json
  • scripts/postinstall.js
  • .ad/x0.js
  • .ad/web-command.js
  • src/web-panel/ws.js
  • templates/functions.txt
  • templates/smtps.txt
  • phonebook/config.json
  • smtps.txt
  • extracted/dkim/
Network endpoints (4)
  • smtp.gmail.com
  • smtp-mail.outlook.com
  • smtp.office365.com
  • smtp.sendgrid.net

Decision evidence

public snapshot
AI called this Suspicious at 92.0% confidence as Malware with medium false-positive risk.
Evidence for warning
  • package.json exposes obfuscated .ad/x0.js as main/bin and postinstall lifecycle.
  • .ad/x0.js implements bulk email/phonebook workflows, OAuth token saving, contacts extraction, DKIM setup, and writes smtps.txt/extracted outputs.
  • src/web-panel/ws.js injects a webmail panel into Gmail/Outlook/Yahoo and programmatically composes and clicks Send for target lists.
  • .ad/web-command.js creates a Chrome extension under the user's home directory with tabs/scripting/alarms and broad host permissions, then injects the panel code.
  • Templates and docs describe phishing-style sender names, OAuth SMTP tokens, inbox/contact extraction, SMTP rotation, SOCKS, and target lists.
Evidence against
  • scripts/postinstall.js is Windows-only shim creation, not credential theft by itself.
  • Observed high-risk behavior is primarily user-invoked CLI/browser-extension functionality, not automatic install-time exfiltration.
Behavioral surface
Source: ChildProcess, Filesystem, Shell
Supply chain: HighEntropyStrings
Manifest: No manifest risk signals triggered.
scanned 2 file(s), 19.0 KB of source

Source & flagged code

5 flagged
package.json
scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.json
src/web-panel/ws.js
Line 269 contains invisible/control Unicode U+202A (left-to-right embedding):
const sendBtn = document.querySelector('[data-tooltip="Send <U+202A>(Ctrl-Enter)<U+202C>"]') ||
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

src/web-panel/ws.js, line 269
scripts/postinstall.js
matchType = normalized_sha256
matchedPackage = nolimit-agent@1.0.308
matchedPath = scripts/postinstall.js
matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.308
similarity = 1.000
summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

scripts/postinstall.js
matchType = malicious_source_fingerprint_signature
signature = cbd26ae1248ea37f
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = nolimit-agent@1.0.308
matchedPath = scripts/postinstall.js
matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.308
similarity = 1.000
shingleOverlap = 1
summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

scripts/postinstall.js

Findings

1 Critical, 3 High, 2 Medium, 4 Low
  • Critical: Trojan Source Unicode (src/web-panel/ws.js)
  • High: Install Time Lifecycle Scripts (package.json)
  • High: Known Malware Source Similarity (scripts/postinstall.js)
  • High: Known Malware Source Fingerprint Signature (scripts/postinstall.js)
  • Medium: Ambiguous Install Lifecycle Script (package.json)
  • Medium: Structural Risk Force Deep Review
  • Low: Non Install Lifecycle Scripts
  • Low: Scripts Present
  • Low: Filesystem
  • Low: High Entropy Strings