
nolimit-agent@1.0.319

Advanced email sender

AI Security Review

scanned 3d ago · by lpm-firewall-ai

The package is a user-invoked bulk email/SMS and webmail automation toolkit with proxying, sender rotation, DKIM, HTML fingerprint evasion, and Chrome extension injection. This is dangerous dual-use/spam-enabling capability, but not confirmed install-time malware.

Static reason
High-risk behavior combination matched malicious policy; source matched previously finalized malicious package (routed for review); source fingerprint signature matched known malicious package (routed for review)
Trigger
npm postinstall on Windows for shim creation; runtime when user runs nolimit CLI commands such as send/web
Impact
Can be used to send large email/SMS campaigns and automate webmail sends from an active user session; no automatic credential theft or exfiltration was confirmed.
Mechanism
bulk messaging and webmail DOM automation with evasion/proxy features
Attack narrative
On install, only the Windows postinstall shim is confirmed. When invoked, the CLI provides mass SMTP/SMS sending, proxy/direct-MX options, sender rotation, DKIM setup, HTML fingerprint evasion, and a Chrome extension bridge that injects a panel into webmail tabs and clicks compose/send controls for listed recipients.
Rationale
Source inspection supports a warning for dangerous spam/phishing-enabling capability, but the concrete malicious behaviors are user-invoked and package-aligned, with no confirmed unconsented install/import-time theft, exfiltration, persistence, or destructive behavior. The package should not be publish-blocked as malware on the inspected evidence alone.
Evidence
  • package.json
  • scripts/postinstall.js
  • .ad/x0.js
  • .ad/web-command.js
  • .ad/xu.js
  • .ad/xj.js
  • src/web-panel/ws.js
  • templates/functions.txt
  • templates/socks.txt
  • templates/config.json
  • phonebook/config.json
Network endpoints (8)
  • smtp.gmail.com
  • smtp-mail.outlook.com
  • smtp.office365.com
  • smtp.sendgrid.net
  • httpbin.org
  • rdap.org
  • api.whois.vu
  • 127.0.0.1:9227

Decision evidence

public snapshot
AI called this Suspicious at 83.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json exposes obfuscated CLI entry .ad/x0.js and postinstall lifecycle script.
  • templates/functions.txt documents bulk sending, raw SMTP, sender rotation, message-to-image, turbo mode, and DKIM setup.
  • templates/socks.txt documents SOCKS proxy rotation and direct port-25 sending via proxy.
  • src/web-panel/ws.js injects a panel into webmail pages and programmatically composes/sends Gmail/Outlook/Yahoo messages.
  • .ad/web-command.js builds a Chrome extension and localhost WebSocket bridge for webmail injection.
  • Obfuscated .ad modules include SMTP/SMS/provider, open-redirect canary, fingerprint-evasion, and contact/org enrichment code.
Evidence against
  • scripts/postinstall.js only runs on win32 and writes a nolimit.cmd shim to the npm global prefix.
  • No install-time credential harvesting, destructive action, persistence beyond the Windows shim, or exfiltration endpoint was confirmed.
  • Network behavior appears tied to user-invoked email/SMS/webmail campaign features rather than automatic import/install execution.
Behavioral surface
Source: ChildProcess, Filesystem, Shell
Supply chain: HighEntropyStrings
Manifest: No manifest risk signals triggered.
scanned 2 file(s), 19.0 KB of source

Source & flagged code

5 flagged
package.json
scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

Location: package.json
scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

Location: package.json
src/web-panel/ws.js
Line 269 contains invisible/control Unicode U+202A (left-to-right embedding):
  const sendBtn = document.querySelector('[data-tooltip="Send <U+202A>(Ctrl-Enter)<U+202C>"]') ||
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

Location: src/web-panel/ws.js, line 269
scripts/postinstall.js
  matchType = normalized_sha256
  matchedPackage = nolimit-agent@1.0.318
  matchedPath = scripts/postinstall.js
  matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.318
  similarity = 1.000
  summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

Location: scripts/postinstall.js
  matchType = malicious_source_fingerprint_signature
  signature = cbd26ae1248ea37f
  signatureType = suspicious_hashes
  sourceLabel = final_verdict:malicious
  matchedPackage = nolimit-agent@1.0.318
  matchedPath = scripts/postinstall.js
  matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.318
  similarity = 1.000
  shingleOverlap = 1
  summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

Location: scripts/postinstall.js

Findings

1 Critical · 3 High · 2 Medium · 4 Low

Severity   Finding                                      File
Critical   Trojan Source Unicode                        src/web-panel/ws.js
High       Install Time Lifecycle Scripts               package.json
High       Known Malware Source Similarity              scripts/postinstall.js
High       Known Malware Source Fingerprint Signature   scripts/postinstall.js
Medium     Ambiguous Install Lifecycle Script           package.json
Medium     Structural Risk Force Deep Review
Low        Non Install Lifecycle Scripts
Low        Scripts Present
Low        Filesystem
Low        High Entropy Strings