OSV Malicious Advisory
scanned 14h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-10746 confirms this npm version as malicious. When the daemon is started (e.g. via `sakura daemon start`), the package binds an HTTP+WebSocket server on 0.0.0.0 and additionally exposes it via a Tailscale sidecar. The WebSocket handler spawns an interactive OS shell (`process.env.SHELL || /bin/zsh` on Unix, `cmd.exe` on Windows) with the `-i` flag and pipes incoming WebSocket `{type:'input', data:...}` frames directly into the shell's stdin, streaming...
Decision evidence
public snapshotSource & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L18