This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
Malicious package due to suspicious preinstall, preupdate, and test scripts downloading and executing code from a remote server.
The package contains suspicious preinstall, preupdate, and test scripts in pakage.json that download and execute code from a remote server (oastify.com). This allows for arbitrary code execution and exfiltration of sensitive information (username, path, hostname) during installation, update, and testing, indicating malicious intent.