{
  "id": "MAL-2026-4403",
  "summary": "Malicious code in @link-assistant/hive-mind (npm)",
  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (7dfeaad3a9eda8f440dabe165d4ff6ba593c9858b9752d9bded19b05b292072a)\nThe package fetches https://unpkg.com/use-m/use.js — an unpinned URL that resolves to the latest published version of the third-party `use-m` package — and passes the response body directly to `eval()` to bootstrap a runtime module loader. The pattern appears at the top level of src/lib.mjs (lines 34-36: `globalThis.use = (await eval(await (await fetch('https://unpkg.com/use-m/use.js')).text())).use`), so it fires on import of that module by any consumer or bin script. The same pattern is repeated in src/hive.mjs (lines 48-53) and across roughly thirty other files in the package. There is no version pin, no SRI hash, and no integrity verification. Any compromise of the `use-m` npm package, or of the unpkg response path, results in arbitrary attacker-controlled JavaScript executing in the context of every consumer that runs or imports this package — including, when the user passes `--auto-cleanup`, a `sudo rm -rf /tmp/* /var/tmp/*` shell call that broadens the blast radius.\nThe static `fetch`/`POST`/`process.env` co-occurrences in config.lib.mjs, github.lib.mjs, hive.mjs, limits.lib.mjs, opencode.lib.mjs, playwright-mcp.lib.mjs, and youtrack/youtrack.lib.mjs are calls to documented vendor APIs (api.openai.com, api.anthropic.com, api.github.com, opencode.ai, youtrack.cloud) consistent with the package's stated AI-orchestration purpose and are not themselves the block basis.\n",
  "modified": "2026-05-27T00:31:59.549989623Z",
  "published": "2026-05-20T20:09:58Z",
  "withdrawn": "2026-05-26T21:41:23Z",
  "database_specific": {
    "malicious-packages-origins": [
      {
        "id": "IN-MAL-2026-003618",
        "modified_time": "2026-05-20T21:44:41Z",
        "source": "amazon-inspector",
        "sha256": "12e8cdb373e71695e4e6c772d1e578c5a74629620556e178d26f01f51550ea2d",
        "versions": ["1.72.3"],
        "import_time": "2026-05-26T05:50:58.758128257Z"
      },
      {
        "id": "IN-MAL-2026-003842",
        "modified_time": "2026-05-21T14:00:12Z",
        "source": "amazon-inspector",
        "sha256": "3b232e042b208f0b97d6a628564d09393a32bcaef72e98f8e14577200cbd7acd",
        "versions": ["1.72.5"],
        "import_time": "2026-05-26T05:51:25.678163458Z"
      },
      {
        "source": "amazon-inspector",
        "modified_time": "2026-05-20T20:09:58Z",
        "import_time": "2026-05-26T05:50:57.666860441Z",
        "sha256": "7dfeaad3a9eda8f440dabe165d4ff6ba593c9858b9752d9bded19b05b292072a",
        "versions": ["1.69.17"],
        "id": "IN-MAL-2026-003608"
      },
      {
        "sha256": "9f8fc0b69fbde13b464210c9e878b186c2ff6925216a6fbe32b696a8dc4ba6ef",
        "modified_time": "2026-05-22T18:30:32Z",
        "import_time": "2026-05-26T05:52:12.844989918Z",
        "id": "IN-MAL-2026-004238",
        "versions": ["1.72.6"],
        "source": "amazon-inspector"
      },
      {
        "import_time": "2026-05-26T05:50:58.857959437Z",
        "modified_time": "2026-05-20T21:51:15Z",
        "source": "amazon-inspector",
        "sha256": "ebdea8c9c57a1f52fa0104ecee2863d658fcdabd1d349cd98a0ac6e848a8ceb9",
        "versions": ["1.72.1"],
        "id": "IN-MAL-2026-003619"
      },
      {
        "sha256": "3a42678dfe5e822598d5b90ab5ea844cb32d71559fdbd5e3a31417701f7adb1f",
        "modified_time": "2026-05-21T12:55:38Z",
        "import_time": "2026-05-26T05:51:22.399936578Z",
        "id": "IN-MAL-2026-003815",
        "versions": ["1.72.4"],
        "source": "amazon-inspector"
      }
    ]
  },
  "references": [
    {"type": "PACKAGE", "url": "https://www.npmjs.com/package/@link-assistant/hive-mind/v/1.72.3"},
    {"type": "PACKAGE", "url": "https://www.npmjs.com/package/@link-assistant/hive-mind/v/1.72.5"},
    {"type": "PACKAGE", "url": "https://www.npmjs.com/package/@link-assistant/hive-mind/v/1.69.17"},
    {"type": "PACKAGE", "url": "https://www.npmjs.com/package/@link-assistant/hive-mind/v/1.72.6"},
    {"type": "PACKAGE", "url": "https://www.npmjs.com/package/@link-assistant/hive-mind/v/1.72.1"},
    {"type": "PACKAGE", "url": "https://www.npmjs.com/package/@link-assistant/hive-mind/v/1.72.4"}
  ],
  "affected": [
    {
      "package": {
        "name": "@link-assistant/hive-mind",
        "ecosystem": "npm",
        "purl": "pkg:npm/%40link-assistant%2Fhive-mind"
      },
      "versions": ["1.72.3", "1.72.5", "1.69.17", "1.72.6", "1.72.1", "1.72.4"],
      "database_specific": {
        "indicators": {
          "evidence_files": [
            {
              "tlsh": "88f2d61b3861323207d71ac57f4f6806977aca68a706f4d8a85f56883f8e0249177fdb",
              "sha256": "12cb17321bb398049d9b34fca141a669b9d20ac36fe8423fb79275584493dd17",
              "path": "src/config.lib.mjs"
            }
          ],
          "package_integrity": [
            {
              "hashes": {
                "sha1": "b54fc0c512619498cab297a6adf41c241a1a2e68",
                "sha512_sri": "sha512-3op1yZWH6gA4GXB2o1TZKsvX6xJRf+IKqNSg4YNopdHGt7SOlXAFosEj8qy1EAPwV8HRRJSnuwohxVtJwQjPBQ=="
              },
              "filename": "hive-mind-1.72.3.tgz"
            }
          ]
        },
        "cwes": [
          {"description": "The product contains code that appears to be malicious in nature.", "name": "Embedded Malicious Code", "cweId": "CWE-506"},
          {"description": "The product contains code that appears to be malicious in nature.", "name": "Embedded Malicious Code", "cweId": "CWE-506"},
          {"description": "The product contains code that appears to be malicious in nature.", "name": "Embedded Malicious Code", "cweId": "CWE-506"},
          {"description": "The product contains code that appears to be malicious in nature.", "name": "Embedded Malicious Code", "cweId": "CWE-506"},
          {"description": "The product contains code that appears to be malicious in nature.", "name": "Embedded Malicious Code", "cweId": "CWE-506"},
          {"description": "The product contains code that appears to be malicious in nature.", "name": "Embedded Malicious Code", "cweId": "CWE-506"}
        ],
        "source": "https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@link-assistant/hive-mind/MAL-2026-4403.json"
      }
    }
  ],
  "schema_version": "1.7.5",
  "credits": [
    {"name": "Amazon Inspector", "contact": ["actran@amazon.com"], "type": "FINDER"}
  ]
}