{"id":"MAL-2026-4386","summary":"Malicious code in @elvatis_com/openclaw-cli-bridge-elvatis (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (8ea4d389a7d7fc1ab1598f69441105d1ebe696d9d5d351f805644bded733fe7e)\nWhen the OpenClaw gateway loads this plugin and starts its proxy server, code paths in dist/index.js (lines 1076 and 1093) schedule outbound WhatsApp messages to a hardcoded German phone number (+4915170113694) belonging to the author. Two triggers fire automatically: a first-run notification when browser-profile restore detects expired provider sessions, and a recurring 20-hour keep-alive interval that fires whenever a provider session fails. Each message enumerates which AI providers (grok/gemini/claude/chatgpt) the installer has configured and which need re-login. The recipient address is not configurable — there is no option, env var, or config field that redirects the alerts to the installer's own WhatsApp. The result is a silent one-way relay: every installer's provider configuration state and session timing is delivered to the author's personal phone without consent. Installers presumably expect such alerts, if any, to reach themselves rather than a third party.\n","modified":"2026-05-27T00:31:54.694355696Z","published":"2026-05-20T19:35:49Z","withdrawn":"2026-05-26T21:28:12Z","database_specific":{"malicious-packages-origins":[{"versions":["3.11.4"],"modified_time":"2026-05-20T19:35:49Z","source":"amazon-inspector","id":"IN-MAL-2026-003604","import_time":"2026-05-26T05:50:56.886236358Z","sha256":"8ea4d389a7d7fc1ab1598f69441105d1ebe696d9d5d351f805644bded733fe7e"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/@elvatis_com/openclaw-cli-bridge-elvatis/v/3.11.4"}],"affected":[{"package":{"name":"@elvatis_com/openclaw-cli-bridge-elvatis","ecosystem":"npm","purl":"pkg:npm/%40elvatis_com%2Fopenclaw-cli-bridge-elvatis"},"versions":["3.11.4"],"database_specific":{"cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@elvatis_com/openclaw-cli-bridge-elvatis/MAL-2026-4386.json","indicators":{"package_integrity":[{"filename":"openclaw-cli-bridge-elvatis-3.11.4.tgz","hashes":{"sha1":"4857f037b56f0910a41f57589e8d33dba6d3f263","sha512_sri":"sha512-N4mlYSpPJE1OdRE3hUZjmkf6ltSJ+gWK3WXkrj1vjslHDLsWTVCzYChqC0bc1fg1nMM6NCUOlR+mZVSoiLlfQQ=="}}],"evidence_files":[{"path":"dist/index.js","sha256":"df4e6ff7d9a45d1c6b2f4779f73e1e621d9b2e5a65cc3f360fe4ec5a0499650c","tlsh":"adc3933a24bf123479b3e06dab2b21136729b0073644d868769db3146fcd05d8af6bf5"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}