nolimit-agent@1.0.330

Advanced email sender

AI Security Review

scanned 1d ago · by lpm-firewall-ai

The package is a user-invoked bulk email/red-team tool with webmail automation, OAuth mail access, contact extraction, evasion, and template generation. This is dangerous dual-use capability, but the inspected lifecycle hooks do not establish unconsented malware behavior.

Static reason
  • High-risk behavior combination matched malicious policy
  • Source matched previously finalized malicious package; routed for review
  • Source fingerprint signature matched known malicious package; routed for review
Trigger
npm install for EULA/shim; user runs nolimit commands for sending, auth, contacts, web
Impact
Can be used to send phishing/spam campaigns and extract contacts from configured mailboxes; no confirmed attacker-controlled exfiltration at install time.
Mechanism
bulk email automation and mailbox/contact access tooling
Attack narrative
On install, the package shows an interactive EULA and on Windows may create a package bin shim. When invoked, the obfuscated CLI supports OAuth login, saving mail tokens/config, extracting contacts from Microsoft/Google/IMAP mailboxes, generating DKIM material, launching a Chrome/webmail sending panel, and sending templated messages with evasion-oriented options.
Rationale
Source inspection confirms high-risk spam/phishing and mailbox-contact tooling, but the suspicious behavior is user-invoked and package-aligned rather than install-time hijack, persistence, or confirmed credential exfiltration to an attacker endpoint. Mark warn/suspicious for dangerous dual-use capability rather than publish-block malware.
Evidence
  • package.json
  • scripts/preinstall.js
  • scripts/postinstall.js
  • .ad/x0.js
  • .ad/x12.js
  • src/web-panel/ws.js
  • templates/config.json
  • templates/functions.txt
  • ~/.nolimit/eula.json
  • nolimit.cmd
  • config.json
  • smtps.txt
  • extracted/dkim/
Network endpoints (5)
  • oauth2.googleapis.com/token
  • graph.microsoft.com/v1.0/me/mailFolders/inbox/messages
  • graph.microsoft.com/v1.0/me/mailFolders/sentitems/messages
  • dns.google/resolve
  • api.whois.vu/

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json declares preinstall/postinstall lifecycle hooks and obfuscated main/bin .ad/x0.js
  • src/web-panel/ws.js injects a webmail panel that fills and clicks Send in Gmail/Outlook/Yahoo for target lists
  • Obfuscated .ad/x0.js exposes commands for auth, contacts extraction, WebSend injection, DKIM generation, and bulk email workflows
  • .ad/x12.js performs OAuth device-code auth and reads Microsoft/Google contacts/mail recipients via Graph/People/IMAP
  • Templates/configs include SMTP credentials, target lists, QR/link placeholders, and attachment/phishing-style message generation
Evidence against
  • preinstall.js only prompts for EULA and writes ~/.nolimit/eula.json after interactive acceptance
  • postinstall.js is Windows-only and creates a nolimit.cmd shim for this package bin, not a foreign control surface
  • No install-time credential harvesting or attacker exfiltration endpoint was confirmed
  • Network activity observed is largely user-invoked OAuth, mail, DNS/whois, and webmail automation functionality
Behavioral surface
Source
ChildProcess, Filesystem, Shell
Supply chain
HighEntropyStrings
Manifest
No manifest risk signals triggered.
scanned 3 file(s), 22.5 KB of source

Source & flagged code

6 flagged
package.json
scripts.preinstall = node scripts/preinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.preinstall = node scripts/preinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.json
scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.json
src/web-panel/ws.js
Line 269 contains invisible/control Unicode U+202A (left-to-right embedding):
const sendBtn = document.querySelector('[data-tooltip="Send <U+202A>(Ctrl-Enter)<U+202C>"]') ||
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

src/web-panel/ws.js, line 269
scripts/postinstall.js
matchType = normalized_sha256
matchedPackage = nolimit-agent@1.0.327
matchedPath = scripts/postinstall.js
matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.327
similarity = 1.000
summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

scripts/postinstall.js
matchType = malicious_source_fingerprint_signature
signature = 97ad344d2ec43431
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = nolimit-agent@1.0.327
matchedPath = scripts/postinstall.js
matchedIdentity = npm:bm9saW1pdC1hZ2VudA:1.0.327
similarity = 1.000
shingleOverlap = 2
summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature

Source fingerprint signature matches a known malicious package signature; route for source-aware review.

scripts/postinstall.js

Findings

1 Critical · 3 High · 3 Medium · 4 Low
  • Critical: Trojan Source Unicode (src/web-panel/ws.js)
  • High: Install Time Lifecycle Scripts (package.json)
  • High: Known Malware Source Similarity (scripts/postinstall.js)
  • High: Known Malware Source Fingerprint Signature (scripts/postinstall.js)
  • Medium: Ambiguous Install Lifecycle Script (package.json)
  • Medium: Ambiguous Install Lifecycle Script (package.json)
  • Medium: Structural Risk Force Deep Review
  • Low: Non Install Lifecycle Scripts
  • Low: Scripts Present
  • Low: Filesystem
  • Low: High Entropy Strings