@omniwatch-wick/cli @0.1.2
Vulnerability report · Last retrieved from osv.dev July 14, 2026 at 5:45 AM UTC
OSV ID
MAL-2026-10486
Ecosystem
npm
Summary
index.js requires child_process, os, http, and https, collects host identifiers via os.userInfo(), hostname, and process.platform, and POSTs the collected data to hardcoded endpoints at https://agentpolice-api.vedantn06soni.workers.dev (references at lines 17 and 268) and https://night-watch-indol.vercel.app (line 195). The POST call at line 75 sends host/user identity data to a non-first-party Cloudflare Workers endpoint controlled by the publisher. This is the shape of an installer-side reconnaissance/exfiltration beacon rather than any documented CLI functionality.
Source: amazon-inspector (e77b823fd6a050959af05f24e75f87cad447ab83a65c31349c7a559502af278c)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.