{"id":"MAL-2025-4045","summary":"Malicious code in service-catalog-copilot (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (89c9b90298ed452d812eb4374f8dc339318c0a084a64157722e7b733416fa131)\nThe OpenSSF Package Analysis project identified 'service-catalog-copilot' @ 100.11.1337 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n","modified":"2025-05-19T20:05:55Z","published":"2025-05-19T20:05:55Z","database_specific":{"malicious-packages-origins":[{"import_time":"2025-05-20T01:34:18.922497823Z","versions":["100.11.1337"],"source":"ossf-package-analysis","modified_time":"2025-05-19T20:05:55Z","sha256":"89c9b90298ed452d812eb4374f8dc339318c0a084a64157722e7b733416fa131"}]},"affected":[{"package":{"name":"service-catalog-copilot","ecosystem":"npm","purl":"pkg:npm/service-catalog-copilot"},"versions":["100.11.1337"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/service-catalog-copilot/MAL-2025-4045.json"}}],"schema_version":"1.7.3","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}