
@zyp3_/api-ecom-errors@99.9.9

Suspicious
Analyzed at: 6/12/2025, 12:11:43 PM
Source: https://registry.npmjs.org/@zyp3_/api-ecom-errors/-/api-ecom-errors-99.9.9.tgz
SHA256: dd8f441bfa288884cc3ddf4f36cecf22006a64041e0a3b1a8b46e91a74812c81
Confidence: Medium
Summary

This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis.

The package contains code that makes a suspicious HTTP request to an OAST domain, suggesting data exfiltration or unauthorized tracking.

Details

The package contains code that makes an HTTP GET request to the suspicious domain kl9r705vr5at9f92uaw68nbi89e02uqj.oastify.com upon installation. The domain oastify.com is associated with OAST (out-of-band application security testing) and is often used for vulnerability testing and exploitation. This behavior is indicative of data exfiltration or an attempt to confirm package installation without user consent. The YARA rule burp_collab also detected potentially malicious behavior in the file, further suggesting that the package is malware.