registry  /  pino-zod  /  1.0.121

pino-zod@1.0.121

OSV Malicious Advisory

scanned 2h ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-6505 confirms this npm version as malicious. Package advertises itself as a pino+zod logging helper but ships content that does not match that purpose: a `dist/discordRelayUpload.js` module containing POST/upload code paths and base64 buffer handling, a `dist/relayServer.js` module, a `dist/secretScan/` tree (agentStartupAudit.js, contentScanner.js) that performs fetches against huggingface.co, a `dist/hfCredentials.js` with base64 decoding, a...

Advisory
MAL-2026-6505
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in pino-zod (npm)
Details
Package advertises itself as a pino+zod logging helper but ships content that does not match that purpose: a `dist/discordRelayUpload.js` module containing POST/upload code paths and base64 buffer handling, a `dist/relayServer.js` module, a `dist/secretScan/` tree (agentStartupAudit.js, contentScanner.js) that performs fetches against huggingface.co, a `dist/hfCredentials.js` with base64 decoding, a `dist/deploymentDefaults.js` with multiple base64 buffers, and a `scripts/postinstall-agent.mjs` containing GET/ping/id patterns. The presence of a `postinstall-agent.mjs` under `scripts/` is concerning as a possible install-time agent, and the shipped relay/upload/secret-scan modules suggest behavior far outside the declared logging-library scope. However, without traced execution context confirming whether postinstall-agent.mjs is actually invoked by a lifecycle hook, where the base64 blobs decode to, and whether the Discord/HuggingFace endpoints carry installer data outward, the intent cannot be conclusively classified. Routing to human review for inspection of package.json lifecycle hooks, the contents of deploymentDefaults.js base64 payloads, and the data flow into the Discord upload and HuggingFace fetch paths. ## Source: ghsa-malware (d57b4e49a62a8ca174c6c14820e5b101d042e3aea94438df19f9b12286a7cf30) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
Decision reason
OpenSSF Malicious Packages via OSV confirms pino-zod@1.0.121 as malicious (MAL-2026-6505): Malicious code in pino-zod (npm)

Source & flagged code

0 flagged
No flagged code excerpts are attached to this scan.

Findings

1 High
HighOsv Malicious Advisory