// npm 패키지
@delorenj/pjangler
Project subsystem bootstrapper CLI
버전
3
메인테이너
1
라이선스
MIT
최초 publish
2026-06-01
publisher
lasertoast
tarball
4,318,482 B
AUTO-PUBLISHED·2개 버전 인덱싱됨·최근 publish: 2026-06-05
// exfil path
what is read → where it shipssteals
- ● Chromium logins
- ● Slack tokens
- ● Discord tokens
- ○ system info
- ○ home dir
sends to
- ⚙ curl | bash(fetches + executes remote payload)
// offending code· @1.1.5· 3 files flagged
llm: malicious · 0.95→ 정적 분석기가 curl-pipe-bash 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
- @1.1.5··AUTO-PUBLISHED·publisher: lasertoastheuristic 60/100static flags 10llm malicious (0.95) via fast-trackpublish-burst:3new-publisher:0dreads-env-varsreads-system-infocurl-pipe-bashpy-pip-install-runtimereads-chromium-credsreads-slack-tokensreads-discord-tokensreads-homedirchild-process-spawnpy-urllib-request
→ 정적 분석기가 curl-pipe-bash 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
// offending code· 3 files flaggedpatterns: 10
