npm

ai-node-agent @0.0.1

Vulnerability report · Last retrieved from osv.dev July 8, 2026 at 7:23 PM UTC

Malicious

OSV ID

MAL-2026-6517

Ecosystem

npm

Summary

Review of ai-node-agent@0.0.1 surfaced no evidence of installer-side harm: no lifecycle scripts performing network fetches, no top-level require/import side effects exfiltrating data, no hardcoded attacker-controlled endpoints, no credential reads, and no embedded third-party credentials. The package is small (2 files) and contains no behavior matching the supply-chain threat taxonomy.

Source: amazon-inspector (93755f979297cd50d361cc578f3d34c98113d044ecbdc11c077680960edc1504)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.