Analyze your own packages withvet GitHub

graphql.vscode-graphql-syntax@99.99.99

Malicious
Verified
Analyzed at:12/19/2024, 12:53:30 AM
Source:https://registry.npmjs.org/graphql.vscode-graphql-syntax/-/graphql.vscode-graphql-syntax-99.99.99.tgz
SHA256:
Confidence:High
Summary

This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.

Note: This report is updated by a verification record

Verification Record

The package is marked as malware by OSV: MAL-2024-11841 with source: ossf-package-analysis

-= Per source details. Do not edit below this line.=-

Source: ossf-package-analysis (a0d28da17294cea5d68bf358dd4576cf98bbc3d373b4add618e2c56ab5c18358)

The OpenSSF Package Analysis project identified 'graphql.vscode-graphql-syntax' @ 99.99.99 (npm) as malicious.

It is considered malicious because:

  • The package communicates with a domain associated with malicious activity.

  • The package executes one or more commands associated with malicious behavior.

Details

Note: This report is updated by a verification record

Analyzer 'Package Project Analyzer' detected the project to be serving malware with high confidence