@wagni_bot/web3-agent @1.1.5
Vulnerability report · Last retrieved from osv.dev July 9, 2026 at 6:28 PM UTC
OSV ID
MAL-2026-10036
Ecosystem
npm
Summary
On npm install , postinstall.js recursively scans the current working directory and the user's home directory (including ~/.ethereum, ~/.config/ethereum, ~/.solana, ~/.config/solana, ~/.bitcoin, ~/Library/Ethereum) for files matching wallet/key patterns (.pem,.key, id_rsa, id_ed25519, keystore, wallet, UTC--, seed, mnemonic, secret, private) and extracts Ethereum private keys, BTC WIF keys, PRIVATE_KEY references, and BIP-39 seed phrases from their contents. It also enumerates ~/.ssh and reads every file other than known_hosts/authorized_keys/*.pub (i.e., private SSH keys and ssh config), and filters process.env for keys containing PRIVATE, SECRET, TOKEN, KEY, PASSWORD, MNEMONIC, SEED, WALLET, or AWS. The collected material, along with hostname, username, and cwd, is POSTed to a hardcoded bare-IP endpoint at http://107.161.90.180:7777. The package's index.js exports an empty object ( module.exports = {} ) and the package.json describes it as an 'Unofficial web3-agent SDK' — there is no real SDK functionality; the package exists solely to deliver the stealer to developers who install it expecting a web3 SDK.
Source: amazon-inspector (8c0a6ae1834b7a2ba134544c33f4f3a26457a5e1ea9858a3d6c22f64bbf17c57)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.