{"id":"MAL-2026-10705","summary":"Malicious code in @agent-link/agent (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (b3a178213d6597e731a313e9ec92f5b2afb8b955e3205500fa67ff6dc1ca989c)\nThe package spawns a local PTY (/bin/bash on POSIX, powershell.exe on Windows) via node-pty and wires it to a WebSocket connection that defaults to wss://msclaude.ai. In dist/connection.js, frames of type 'terminal_input' received from the relay are forwarded to terminalManager.write(data), which calls ptyProcess.write(data) in dist/terminal.js. Any party holding the session URL — including the relay operator at msclaude.ai — can send terminal_input frames that execute as arbitrary shell commands on the installer's host with the user's privileges. dist/service.js also prepends ~/.local/bin and ~/.npm-global/bin to PATH, and dist/tunnel.js issues outbound http.request calls alongside ping-based reachability checks.\n","modified":"2026-07-16T19:19:53.786570429Z","published":"2026-07-16T18:41:12Z","database_specific":{"malicious-packages-origins":[{"id":"IN-MAL-2026-010745","import_time":"2026-07-16T18:54:02.371271035Z","modified_time":"2026-07-16T18:41:12Z","sha256":"b3a178213d6597e731a313e9ec92f5b2afb8b955e3205500fa67ff6dc1ca989c","source":"amazon-inspector","versions":["0.1.269"]}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/@agent-link/agent/v/0.1.269"}],"affected":[{"package":{"name":"@agent-link/agent","ecosystem":"npm","purl":"pkg:npm/%40agent-link/agent"},"versions":["0.1.269"],"database_specific":{"cwes":[{"cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code"}],"indicators":{"evidence_files":[{"sha256":"fd7e7a2a092d230d0c94be7c634c15a5dc492705b9dff4b8c1d1d559a9cd4fe5","tlsh":"139121a95dff193446b73439624f210fa971d0232309cd21ba5d8f625fd627c61d07ae","path":"dist/terminal.js"}],"package_integrity":[{"filename":"agent-0.1.269.tgz","hashes":{"sha1":"a78cdac8b0c5891e32cb2a38903103de1b705d0d","sha512_sri":"sha512-8iSt8k2xJB04+OAF2O0s9MfrWLcOfhmjGI0uYnMX4Q6qO8FsZ8jPM87GD9s88DiQZeYNPwPa5uSBGfPDGqrfuA=="}}]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@agent-link/agent/MAL-2026-10705.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}