{"id":"MAL-2026-4504","summary":"Malicious code in cami-design (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (57ccc787b2437085a18ed05c52fc473d8c28162cbe3cbbaa04adaefa73389da1)\nOn install, scripts/install.js invokes autoUpdate.install(), which writes a launchd agent to ~/Library/LaunchAgents/co.themobilefirst.cami-design.update.plist (scripts/auto-update.js) that runs `npm install -g cami-design@latest --silent` every 24 hours and is loaded immediately via `launchctl load`. The persisted agent fetches whatever version of the package is published as @latest at any future moment, with global install scope and no integrity verification. This establishes a long-lived remote code execution channel: any subsequent malicious publish (including via a compromised npm account) will be silently auto-installed system-wide on every machine that ever installed this version. The persistence is opt-out-only (an environment variable disables it) with no prompt at install time.\nA separate postinstall behavior symlinks bundled directories into ~/.claude/skills/ with .bak backups; this is the advertised function and not the basis for the block, but it also mutates a user-owned config directory silently.\n","modified":"2026-05-26T06:02:17.058335073Z","published":"2026-05-24T15:22:47Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2026-05-24T15:22:47Z","versions":["0.2.5"],"import_time":"2026-05-26T05:52:44.591383276Z","source":"amazon-inspector","sha256":"57ccc787b2437085a18ed05c52fc473d8c28162cbe3cbbaa04adaefa73389da1","id":"IN-MAL-2026-004509"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/cami-design/v/0.2.5"}],"affected":[{"package":{"name":"cami-design","ecosystem":"npm","purl":"pkg:npm/cami-design"},"versions":["0.2.5"],"database_specific":{"cwes":[{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/cami-design/MAL-2026-4504.json","indicators":{"evidence_files":[{"path":"scripts/auto-update.js","sha256":"06cc8a93d5d6623bb85be84bb32134e1e14e28bccd1ced653ede30a1633c02bb","tlsh":"c36160898ae1b134bde60a2a674f142a218bd543293adce4b0df530cdf83d1816771fe"},{"path":"scripts/install.js","sha256":"7fe2198b0af3c2e52363a016632a530d3ff09cbdd25e92bd629049c319cdbdab","tlsh":"bb3123c997d90230bf7592d92e5b517a3249ca223247e468e2ed0797b9c3104892f6fe"}],"package_integrity":[{"filename":"cami-design-0.2.5.tgz","hashes":{"sha512_sri":"sha512-f9T41JjHys0p9qE2oh/nxEjO1YWUtiDwmevX4zl4aANQ1AbkqbYpwPxwUB2yCZP/mEHymnxSVTHZuBx2PIApAw==","sha1":"b2ffc7a1b1f2dbf3d7aaa13f0e62266867150f5e"}}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}