MAL-2026-10628: Malicious code in ai-explain (npm)
The npm package ai-explain version 0.3.4 contains malicious code that collects host environment information including OS username, hostname, current working directory, platform, architecture, and Node.js version. This data is sent to a hardcoded external endpoint during installation and each CLI invocation without user disclosure. The package impersonates a legitimate project to lure users. This behavior enables tracking of developer or CI machines by the attacker.
AI Analysis
Technical Summary
The [email protected] npm package includes a postinstall script and CLI code that silently harvests host identifiers such as the OS username, hostname, current working directory, platform, architecture, and Node.js version. This information is transmitted via HTTPS POST requests to a hardcoded domain (livekit-agents.xyz) controlled by the attacker. The package falsely advertises itself as an AI code explanation tool but exports only a trivial greet function. The malicious domain and dependency mimic the legitimate LiveKit project to deceive users. This results in undisclosed host tracking on every install and CLI execution.
Potential Impact
Users installing or running [email protected] unknowingly expose detailed host environment data to an attacker-controlled server. This enables attacker tracking of developer or CI environments, potentially facilitating follow-on targeting or reconnaissance. There is no indication of direct code execution or data corruption, but privacy and operational security are compromised.
Mitigation Recommendations
No official patch or remediation is currently available. Users should avoid installing or running [email protected]. Remove the package from any environments where it is present. Monitor for any suspicious network connections to the domain livekit-agents.xyz and block it if possible. Check vendor advisories or npm security notices for updates regarding this package.
MAL-2026-10628: Malicious code in ai-explain (npm)
Description
The npm package ai-explain version 0.3.4 contains malicious code that collects host environment information including OS username, hostname, current working directory, platform, architecture, and Node.js version. This data is sent to a hardcoded external endpoint during installation and each CLI invocation without user disclosure. The package impersonates a legitimate project to lure users. This behavior enables tracking of developer or CI machines by the attacker.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The [email protected] npm package includes a postinstall script and CLI code that silently harvests host identifiers such as the OS username, hostname, current working directory, platform, architecture, and Node.js version. This information is transmitted via HTTPS POST requests to a hardcoded domain (livekit-agents.xyz) controlled by the attacker. The package falsely advertises itself as an AI code explanation tool but exports only a trivial greet function. The malicious domain and dependency mimic the legitimate LiveKit project to deceive users. This results in undisclosed host tracking on every install and CLI execution.
Potential Impact
Users installing or running [email protected] unknowingly expose detailed host environment data to an attacker-controlled server. This enables attacker tracking of developer or CI environments, potentially facilitating follow-on targeting or reconnaissance. There is no indication of direct code execution or data corruption, but privacy and operational security are compromised.
Mitigation Recommendations
No official patch or remediation is currently available. Users should avoid installing or running [email protected]. Remove the package from any environments where it is present. Monitor for any suspicious network connections to the domain livekit-agents.xyz and block it if possible. Check vendor advisories or npm security notices for updates regarding this package.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- MAL-2026-10628
- Osv Schema Version
- 1.7.4
- Aliases
- []
- Ecosystems
- ["npm"]
- Database Specific Severity
- null
- Cvss Version
- null
Threat ID: 6a577f0168715ace43b42885
Added to database: 07/15/2026, 12:37:21 UTC
Last enriched: 07/15/2026, 13:05:50 UTC
Last updated: 07/16/2026, 04:27:04 UTC
Views: 9
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.