npm

@agent-link/agent @0.1.269

Vulnerability report · Last retrieved from osv.dev July 16, 2026 at 7:58 PM UTC

Malicious

OSV ID

MAL-2026-10705

Ecosystem

npm

Summary

The package spawns a local PTY (/bin/bash on POSIX, powershell.exe on Windows) via node-pty and wires it to a WebSocket connection that defaults to wss://msclaude.ai. In dist/connection.js, frames of type 'terminal_input' received from the relay are forwarded to terminalManager.write(data), which calls ptyProcess.write(data) in dist/terminal.js. Any party holding the session URL — including the relay operator at msclaude.ai — can send terminal_input frames that execute as arbitrary shell commands on the installer's host with the user's privileges. dist/service.js also prepends ~/.local/bin and ~/.npm-global/bin to PATH, and dist/tunnel.js issues outbound http.request calls alongside ping-based reachability checks.

Source: amazon-inspector (b3a178213d6597e731a313e9ec92f5b2afb8b955e3205500fa67ff6dc1ca989c)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.