MAL-2026-6555: Malicious code in livekit-agents (npm)
The unscoped npm package 'livekit-agents' impersonates the official LiveKit Agents SDK but only provides a trivial stub implementation. It covertly sends telemetry data about CLI usage to a lookalike domain controlled by the attacker without user consent. The package includes a postinstall hook placeholder that is currently inactive but could be used in future versions to deliver malicious payloads. This behavior matches a typosquatting pattern aimed at enumerating victims before further exploitation.
AI Analysis
Technical Summary
The 'livekit-agents' npm package is a malicious typosquatting package that impersonates the official LiveKit Agents SDK by name and README references but does not implement the real SDK functionality. Instead, it contains a stub function and a CLI that unconditionally sends usage metrics including environment details to an attacker-controlled lookalike domain 'livekit-agents.xyz', which is distinct from the legitimate 'livekit.io' domain. The package also declares a postinstall script in its manifest that is not currently present in the shipped files, indicating preparation for future malicious payload delivery. These combined factors indicate namespace abuse and telemetry collection to identify potential victims for subsequent attacks.
Potential Impact
Users installing this package may unknowingly send telemetry data about their environment and usage to an attacker-controlled server, potentially exposing sensitive metadata. The presence of a pre-wired postinstall hook suggests risk of future malicious code execution upon installation. Although no active exploit payload is currently delivered, the package's behavior constitutes a privacy and security risk and may lead to further compromise if updated with malicious code.
Mitigation Recommendations
No official patch or fix is currently available. Users should avoid installing the unscoped 'livekit-agents' package and instead use the official scoped LiveKit Agents SDK from the legitimate source. Monitor for updates from the official LiveKit project and npm advisories for any remediation. Since the postinstall hook is currently inactive, immediate exploitation risk is limited, but caution is advised to prevent telemetry leakage and potential future payloads.
MAL-2026-6555: Malicious code in livekit-agents (npm)
Description
The unscoped npm package 'livekit-agents' impersonates the official LiveKit Agents SDK but only provides a trivial stub implementation. It covertly sends telemetry data about CLI usage to a lookalike domain controlled by the attacker without user consent. The package includes a postinstall hook placeholder that is currently inactive but could be used in future versions to deliver malicious payloads. This behavior matches a typosquatting pattern aimed at enumerating victims before further exploitation.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The 'livekit-agents' npm package is a malicious typosquatting package that impersonates the official LiveKit Agents SDK by name and README references but does not implement the real SDK functionality. Instead, it contains a stub function and a CLI that unconditionally sends usage metrics including environment details to an attacker-controlled lookalike domain 'livekit-agents.xyz', which is distinct from the legitimate 'livekit.io' domain. The package also declares a postinstall script in its manifest that is not currently present in the shipped files, indicating preparation for future malicious payload delivery. These combined factors indicate namespace abuse and telemetry collection to identify potential victims for subsequent attacks.
Potential Impact
Users installing this package may unknowingly send telemetry data about their environment and usage to an attacker-controlled server, potentially exposing sensitive metadata. The presence of a pre-wired postinstall hook suggests risk of future malicious code execution upon installation. Although no active exploit payload is currently delivered, the package's behavior constitutes a privacy and security risk and may lead to further compromise if updated with malicious code.
Mitigation Recommendations
No official patch or fix is currently available. Users should avoid installing the unscoped 'livekit-agents' package and instead use the official scoped LiveKit Agents SDK from the legitimate source. Monitor for updates from the official LiveKit project and npm advisories for any remediation. Since the postinstall hook is currently inactive, immediate exploitation risk is limited, but caution is advised to prevent telemetry leakage and potential future payloads.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- MAL-2026-6555
- Osv Schema Version
- 1.7.4
- Aliases
- []
- Ecosystems
- ["npm"]
- Database Specific Severity
- null
- Cvss Version
- null
Threat ID: 6a42ed7827e9c797199395c6
Added to database: 06/29/2026, 22:11:04 UTC
Last enriched: 06/29/2026, 22:41:18 UTC
Last updated: 06/30/2026, 00:53:32 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.