@vino.tian/vibe-kanban @0.1.4420
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID
MAL-2026-4462
Ecosystem
npm
Summary
This package is published as @vino.tian/vibe-kanban and copies its README, name, and feature description from BloopAI's legitimate vibe-kanban project, but its binary distribution channel is a different, unrelated GitHub account. When the installed CLI is invoked (npx @vino.tian/vibe-kanban), bin/cli.js constructs a release-asset URL of the form https://github.com/tianweilong/deploy-center/releases/download/<tag>/<platform>.{zip,tar.gz}, downloads the archive, extracts it, and runs the resulting binary via execSync("${bin}", { stdio: 'inherit' }). A SHA-256 check is performed against a checksums file, but the checksums file is fetched from the same tianweilong/deploy-center repo as the archive, so the verification provides no protection — whoever controls that repo controls both the bytes and the expected hash. Additional integrity concerns: package.json declares "main": "index.js" but no index.js is shipped, and an unsubstituted __R2_PUBLIC_URL__ placeholder remains in the desktop-installer path. Net effect: a user who installs and runs this package executes arbitrary bytes served by an attacker-controlled GitHub account under the guise of a known OSS tool.
Source: amazon-inspector (7f1533bb7e55b1bcd10291aa9f19e2a5cbe5755a7a6a7343d38fbd3ff8064a1f)
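The summary above names three signals a reviewer can check statically, before ever running the package: a checksums file served from the same repository as the archive it vouches for, a package.json "main" pointing at a file that is not shipped, and an unsubstituted build placeholder. The audit below is an added example, not the advisory's or Amazon Inspector's code; the package contents it scans are a constructed stand-in modelled on the description, not the real files, and the regexes and the origin rule are assumptions chosen for this illustration.

```python
import json
import re
from urllib.parse import urlparse
# Constructed stand-in modelled on the advisory's description; NOT the real files.
SAMPLE_FILES = {
    "package.json": json.dumps({"name": "@vino.tian/vibe-kanban", "main": "index.js",
                                "bin": {"vibe-kanban": "bin/cli.js"}}),
    "bin/cli.js": (
        "const url = 'https://github.com/tianweilong/deploy-center/releases/download/v1.0.0/linux-x64.tar.gz';\n"
        "const sums = 'https://github.com/tianweilong/deploy-center/releases/download/v1.0.0/checksums.txt';\n"
        "const installer = '__R2_PUBLIC_URL__/desktop/setup.exe';\n"
        "execSync(`${bin}`, { stdio: 'inherit' });\n"
    ),
}
URL_RE = re.compile(r"https?://[^\s'\"`]+")
ARCHIVE_RE = re.compile(r"\.(zip|tar\.gz|tgz|exe)$")
CHECKSUM_RE = re.compile(r"checksum|sha256|sums", re.I)
PLACEHOLDER_RE = re.compile(r"__[A-Z0-9_]+__")  # build-time tokens such as __R2_PUBLIC_URL__

def origin(url):
    """Trust origin of a URL: 'owner/repo' on github.com, otherwise the hostname."""
    p = urlparse(url)
    parts = p.path.strip("/").split("/")
    if p.hostname == "github.com" and len(parts) >= 2:
        return "/".join(parts[:2]).lower()
    return (p.hostname or "").lower()

def audit_package(files):
    """Return findings for a {path: text} mapping of an unpacked npm package."""
    findings = []
    main = json.loads(files.get("package.json", "{}")).get("main")
    if main and main not in files:
        findings.append(f"package.json main points to missing file: {main}")
    for path, text in files.items():
        if path == "package.json":
            continue
        for ph in sorted(set(PLACEHOLDER_RE.findall(text))):
            findings.append(f"{path}: unsubstituted placeholder {ph}")
        urls = URL_RE.findall(text)
        sums = [u for u in urls if CHECKSUM_RE.search(u)]
        archives = [u for u in urls if u not in sums and ARCHIVE_RE.search(u)]
        for a in archives:
            for s in sums:
                # A hash published by the same party that serves the bytes verifies nothing.
                if origin(a) == origin(s):
                    findings.append(f"{path}: checksum and archive share origin {origin(a)}")
        if archives and "execSync(" in text:
            findings.append(f"{path}: downloads an archive and runs it via execSync")
    return findings
```

Running audit_package(SAMPLE_FILES) reports all four issues; a package whose checksums come from an independent origin and whose "main" file is present produces no findings.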