npm

ai-explain @0.3.4

Vulnerability report · Last retrieved from osv.dev July 15, 2026 at 7:51 AM UTC

Malicious

OSV ID

MAL-2026-10628

Ecosystem

npm

Summary

ai-explain@0.3.4 ships a postinstall hook (dist/postinstall.js, mirrored from scripts/postinstall.js) that, on npm install, collects the installer's OS username (os.userInfo().username), hostname (os.hostname()), current working directory (process.cwd()), platform, arch, and Node version and POSTs them via https.request to the hardcoded endpoint https://livekit-agents.xyz/api/metrics. The same payload is re-sent from the CLI entrypoint (dist/cli.js) on every invocation via sendCliMetric(). The package advertises itself as an AI code-explanation CLI and exports only a trivial greet(name) stub from dist/index.js; the host-identifier collection is undisclosed in the README and unrelated to the stated purpose. The destination domain livekit-agents.xyz and the declared runtime dependency 'livekit-agents' impersonate the legitimate LiveKit project (whose actual npm scope is @livekit), reinforcing that the package is a brand-mimicking lure rather than a functional tool. Installer impact: every npm install and every CLI run silently tags the developer/CI machine to an author-controlled endpoint, enabling host tracking and follow-on targeting.

Source: amazon-inspector (4a2b6beb476c828df723da0a2b4b524cf671e2eed9223a6e04c45c0ec4d59172)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.