{"id":"MAL-2026-3387","summary":"Malicious code in @gaia-codesearch/gaia-api-python (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (bffb43bbb30e1d5c01c4c389983726a49a5489ddebcfef91353d03f7a767d01f)\nThe package @gaia-codesearch/gaia-api-python was found to contain malicious code.\n\n## Source: ossf-package-analysis (a2e1f356fe59b17e0506a18830d5cb200068eac98fcd4ed8439105edc5dc717c)\nThe OpenSSF Package Analysis project identified '@gaia-codesearch/gaia-api-python' @ 0.0.5 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package communicates with a domain associated with malicious activity.\n","modified":"2026-05-12T07:52:48.387828Z","published":"2026-05-08T09:26:32Z","database_specific":{"malicious-packages-origins":[{"versions":["0.0.5"],"import_time":"2026-05-08T09:38:35.712261697Z","modified_time":"2026-05-08T09:26:32Z","source":"ossf-package-analysis","sha256":"a2e1f356fe59b17e0506a18830d5cb200068eac98fcd4ed8439105edc5dc717c"},{"versions":["0.0.8"],"import_time":"2026-05-09T18:24:44.059552619Z","modified_time":"2026-05-09T17:55:45Z","source":"ossf-package-analysis","sha256":"6983ab908a355b3fef4cf6f2c219c0ee6baf362364a27303117a60d057eaab7b"},{"versions":["0.0.5","0.0.8"],"import_time":"2026-05-12T07:28:56.599973988Z","modified_time":"2026-05-12T06:53:21Z","source":"amazon-inspector","sha256":"bffb43bbb30e1d5c01c4c389983726a49a5489ddebcfef91353d03f7a767d01f"}]},"affected":[{"package":{"name":"@gaia-codesearch/gaia-api-python","ecosystem":"npm","purl":"pkg:npm/%40gaia-codesearch/gaia-api-python"},"versions":["0.0.5","0.0.8"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@gaia-codesearch/gaia-api-python/MAL-2026-3387.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"}]}