nolimit-agent@1.0.326

Advanced email sender

AI Security Review

scanned 12h ago · by lpm-firewall-ai

Package is a bulk email/SMS and webmail automation tool with an obfuscated CLI entrypoint. It can automate message delivery and extract contacts from configured mail accounts, but inspected evidence does not prove unconsented exfiltration or install-time malware beyond package shim creation.

Static reason
High-risk behavior combination matched malicious policy; source matched previously finalized malicious package; routed for review; source fingerprint signature matched known malicious package; routed for review
Trigger
npm install on Windows for shim creation; running nolimit CLI or pressing the injected web-panel Send button for messaging
Impact
Can be used for spam/phishing-style campaigns and contact harvesting from configured accounts; install hook mutates the global npm bin directory for its own command shim.
Mechanism
obfuscated bulk messaging and webmail DOM automation
Rationale
The source shows dangerous dual-use bulk messaging, contact extraction, and opaque obfuscated runtime code, warranting a warning. I did not find concrete unconsented credential exfiltration, destructive behavior, remote payload execution, or foreign AI-agent control-surface mutation needed for a publish block.
Evidence
package.json, scripts/postinstall.js, .ad/x0.js, src/web-panel/ws.js, templates/, phonebook/, <npm-prefix>/nolimit.cmd, smtps.txt, contacts.json, extracted/, dkim/, package .ad/x0.js
Network endpoints: 1
dns.google/resolve

Decision evidence

public snapshot
AI called this Suspicious at 82.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json runs postinstall and exposes obfuscated .ad/x0.js as main/bin
  • scripts/postinstall.js writes a Windows global nolimit.cmd shim at install time
  • src/web-panel/ws.js injects a panel into webmail pages and automates Gmail/Outlook/Yahoo compose/send clicks
  • templates/ and phonebook/ contain bulk email/SMS configs, sender lists, SMTP creds placeholders, and message templates
  • .ad/x0.js is heavily obfuscated and contains bulk SMS/email, OAuth token storage, contact extraction, and DKIM tooling
Evidence against
  • postinstall is platform-gated to win32 and only creates a package-owned bin shim
  • No confirmed credential exfiltration or attacker-controlled dropper endpoint found in inspected readable source
  • web-panel sending is triggered by the panel Send button
  • Credentials/tokens in templates are placeholders or user-supplied operational config
Behavioral surface
Source
ChildProcess, Filesystem, Shell
Supply chain
HighEntropyStrings
Manifest
No manifest risk signals triggered.
scanned 2 file(s), 19.0 KB of source

Source & flagged code

5 flagged
package.json
scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.json
src/web-panel/ws.js
Line 269: contains invisible/control Unicode U+202A (left-to-right embedding)
const sendBtn = document.querySelector('[data-tooltip="Send <U+202A>(Ctrl-Enter)<U+202C>"]') ||
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

src/web-panel/ws.js · L269
scripts/postinstall.js
matchType = normalized_sha256; matchedPackage = nolimit-agent@1.0.327; matchedPath = scripts/postinstall.js; matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.327; similarity = 1.000; summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

scripts/postinstall.js
matchType = malicious_source_fingerprint_signature; signature = cbd26ae1248ea37f; signatureType = suspicious_hashes; sourceLabel = final_verdict:malicious; matchedPackage = nolimit-agent@1.0.318; matchedPath = scripts/postinstall.js; matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.318; similarity = 1.000; shingleOverlap = 1; summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

scripts/postinstall.js

Findings

1 Critical · 3 High · 2 Medium · 4 Low
Critical · Trojan Source Unicode · src/web-panel/ws.js
High · Install Time Lifecycle Scripts · package.json
High · Known Malware Source Similarity · scripts/postinstall.js
High · Known Malware Source Fingerprint Signature · scripts/postinstall.js
Medium · Ambiguous Install Lifecycle Script · package.json
Medium · Structural Risk Force Deep Review
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Filesystem
Low · High Entropy Strings