{"id":"MAL-2026-4539","summary":"Malicious code in create-kachow (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (b65b2deeeafefb22b81e6a863b51115953b108991e5462d939dce3d6b8ee4a97)\nbin/create-kachow.js declares a BUILTIN_KEYS object containing live API keys for four third-party AI providers (Gemini key starting AIzaSyByPyGWXRVsa0..., OpenRouter sk-or-v1-673e3b6d..., Mistral OiCiNtvBsogE..., DeepSeek sk-7ecd4ed8...). The key-resolution helpers (e.g. resolveGeminiKeys) fall back to these built-in keys whenever the corresponding env var is unset, so any installer running `npx create-kachow` obtains and uses live credentials against generativelanguage.googleapis.com, openrouter.ai, api.mistral.ai, and api.deepseek.com. Two installer-affecting harms follow: (1) the keys are extractable from the package by anyone who installs it and can be abused against the four third-party providers (credential redistribution); (2) the README advertises a 'deterministic template generator — no AI required' fallback when no keys are set, but the code instead silently routes the user-supplied app description (the `appPrompt` from `ask(\"Describe your app:\")`) to those four providers under the author's account, where prompts may be logged. This contradicts documented behavior and makes the data flow non-consensual.\n","modified":"2026-05-26T06:02:25.039804960Z","published":"2026-05-20T21:40:32Z","database_specific":{"malicious-packages-origins":[{"id":"IN-MAL-2026-003617","source":"amazon-inspector","sha256":"b65b2deeeafefb22b81e6a863b51115953b108991e5462d939dce3d6b8ee4a97","versions":["1.2.0"],"modified_time":"2026-05-20T21:40:32Z","import_time":"2026-05-26T05:50:58.611980417Z"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/create-kachow/v/1.2.0"}],"affected":[{"package":{"name":"create-kachow","ecosystem":"npm","purl":"pkg:npm/create-kachow"},"versions":["1.2.0"],"database_specific":{"indicators":{"package_integrity":[{"hashes":{"sha1":"e6180d20952da7ad32afc81221a1ee504f3cb40b","sha512_sri":"sha512-chwwfumJVOac2cz+mbcK2RWQtAf5QTihcos56+2pF8Bfp49mUp8FA51vNATOIMmXSrsYjIZ0q49Fyz824b/RJg=="},"filename":"create-kachow-1.2.0.tgz"}],"evidence_files":[{"path":"bin/create-kachow.js","sha256":"4a4a3ccfc707a30076814b7d03b9404f4380f3c3310bf2172eddec3b6ae4e1e7","tlsh":"89a3f826b4f118214ab3e1783e6b54017978e017ad09ed54b7ec92842fce9aec4f27dd"}]},"cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/create-kachow/MAL-2026-4539.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}