ltcai11 versions·1.0.1→3.1.0
Lattice AI v3 local-first AI workspace platform with knowledge graph, vector index, hybrid search, agents, and workspace modes.
→ 정적 분석기가 curl-pipe-bash 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
// Code execution / obfuscation
패턴: base64-decode
Packages whose static analysis matched this pattern. See the per-package detail pages for the offending code excerpt.
49개 패키지+에 이 패턴이 매칭됨 (총 publish 이벤트 100건을 publisher+name 기준으로 묶음). 최신순.
Lattice AI v3 local-first AI workspace platform with knowledge graph, vector index, hybrid search, agents, and workspace modes.
→ 정적 분석기가 curl-pipe-bash 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
Coding agent CLI with persistent memory, sub-agents, intelligent routing, and orchestration
→ 크리덴셜 읽기 (reads-ai-api-keys, reads-gitlab-tokens) + 외부 전송지 dest-via-hostname-var 조합 — 전형적인 유출 패턴.
P2P AI Document Agent - 全局安装后执行 `bolloon` 启动产品
→ 크리덴셜 읽기 (reads-ai-api-keys, reads-seed-phrase) + 외부 전송지 http-to-public-ip, dest-via-hostname-var 조합 — 전형적인 유출 패턴.
Shared rootfs contract parsing, reference profile assets, and build helpers.
Node and GitHub Actions adapters for shared Aleph tooling.
AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 51 skills, 11 catalogs (439 CVEs / 177 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 8888 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate,
→ Worm self-propagation: package reads .npmrc _authToken AND invokes npm publish in install-path code. Shai-Hulud-class shape — no legitimate package re-publishes OTHER packages from the user's machine.
RTExit - AI-assisted Red Team methodology installer
→ 정적 분석기가 curl-pipe-bash 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
Claws — Terminal Control Bridge for VS Code. One command to install.
→ Worm self-propagation: package reads .npmrc _authToken AND invokes npm publish in install-path code. Shai-Hulud-class shape — no legitimate package re-publishes OTHER packages from the user's machine.
Node.js in your browser. Just like that.
→ 크리덴셜 읽기 (reads-ai-api-keys) + 외부 전송지 http-to-public-ip 조합 — 전형적인 유출 패턴.
ACTAgent Amazon Bedrock provider plugin with model discovery, embeddings, and guardrail support.
cue — Agent Profile Manager for Claude Code & Codex. Pick a profile, launch with the right skills, MCPs, and plugins.
→ 정적 분석기가 curl-pipe-bash 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
Node.js in your browser. Just like that.
→ 크리덴셜 읽기 (reads-ai-api-keys) + 외부 전송지 http-to-public-ip 조합 — 전형적인 유출 패턴.
AI-aware security scanner for VS Code — code vulnerabilities, LLM risks, secrets, dependencies, MCP & agent security
→ 크리덴셜 읽기 (reads-github-tokens, reads-aws-creds, reads-ai-api-keys, reads-azure-creds) + 외부 전송지 webhook-bin 조합 — 전형적인 유출 패턴.
The cli specific package
Node.js integration layer for Autodesk Forge
Harper is an open-source Node.js performance platform that unifies database, cache, application, and messaging layers into one in-memory process.
→ 크리덴셜 읽기 (reads-aws-creds) + 외부 전송지 http-to-public-ip 조합 — 전형적인 유출 패턴.
Harper is an open-source Node.js performance platform that unifies database, cache, application, and messaging layers into one in-memory process.
→ 크리덴셜 읽기 (reads-aws-creds) + 외부 전송지 http-to-public-ip 조합 — 전형적인 유출 패턴.
Coding agent CLI with read, bash, edit, write tools and session management
AI agent plugin for AdminForth with tool-based workflows and persistent chat sessions
Unified LLM API with automatic model discovery and provider configuration
Coding agent CLI with read, bash, edit, write tools and session management
Unified MCP pipeline for recommend-page filtering and screening on Boss Zhipin
→ 정적 분석기가 curl-pipe-bash 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
Totem LLM – Your Private AI. Run a self-hosted AI assistant locally on Linux, macOS, or Windows.
→ 크리덴셜 읽기 (reads-npmrc, reads-ai-api-keys) + 외부 전송지 dest-via-hostname-var 조합 — 전형적인 유출 패턴.
A deploy plugin for warp contracts
A decentralized NoSQL database powered by Arweave.
A deploy plugin for warp contracts
[Documentation](../docs/docs/pages/api/hbsig.mdx)
`cwao-units` runs [AO compatible units](https://ao.arweave.dev/#/spec) for CosmWasm.
APX — unified CLI + daemon for the Agent Project Context (APC) standard.
→ 크리덴셜 읽기 (reads-ai-api-keys) + 외부 전송지 dest-via-hostname-var 조합 — 전형적인 유출 패턴.
1) Start a local Ethereum node (Anvil) in one terminal:
This package includes end-to-end tests that cover Aztec's main milestones. These can be run locally either by starting anvil on a different terminal.
HTTP API server for ottocode
Personal AI assistant powered by Antigravity, AI-E, Claude, Claude E, Codex, Codex App, Cursor, Gemini, Grok, OpenCode, and Copilot — Web, Terminal, Telegram, and Discord interfaces with 107 built-in skills
→ 정적 분석기가 curl-pipe-bash 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
A professional full-stack YouTube Downloader powered by yt-dlp.
→ 크리덴셜 읽기 (reads-apple-cloudkit) + 외부 전송지 http-to-public-ip 조합 — 전형적인 유출 패턴.
QAECY UI Web Components
→ Encoded payload + dynamic execution combo (event-stream / flatmap-stream shape) — embedded blob decoded and executed at install time. Fast-tracked.
VulnSweep CLI - npm vulnerability scanner
→ 크리덴셜 읽기 (reads-github-tokens) + 외부 전송지 dest-via-hostname-var 조합 — 전형적인 유출 패턴.
Quasarr connects JDownloader with Radarr, Sonarr and Magazarr. It also decrypts links protected by CAPTCHAs.
abracadabra provider
The official OpenSearch client for Node.js
→ 의심 전송지 없음, 원격 실행 형태 없음 — 3 other host(s).
→ 의심 전송지 없음, 원격 실행 형태 없음 — 1 known-vendor host(s).
This package contains the CLI tool `cldk` used to create app integrations.
→ 의심 전송지 없음, 원격 실행 형태 없음 — 1 other host(s).
Terminal changelog logger utilities
→ 의심 전송지 없음, 원격 실행 형태 없음 — 1 known-vendor host(s).
A minimal MCP server demo exposing a hello tool.
→ 의심 전송지 없음, 원격 실행 형태 없음 — extraction empty.
Collection of tools to reconcile services with their desired state as defined in the app-interface DB.
→ 의심 전송지 없음, 원격 실행 형태 없음 — 1 known-vendor host(s).