npm

ai-node-relay @0.0.2

Vulnerability report · Last retrieved from osv.dev July 9, 2026 at 1:25 AM UTC

Malicious

OSV ID

MAL-2026-6518

Ecosystem

npm

Summary

ai-node-relay ships dist/index.js as its npm main entry, processed with javascript-obfuscator (string-array rotation, _0x-prefixed identifiers, base64 string decoder). The file ends with a top-level main() invocation that boots a Fastify server bound to 0.0.0.0:4001 and starts a heartbeat loop — any consumer who does require('ai-node-relay') immediately spawns a public-interface listener rather than getting a library handle. On startup the relay collects host fingerprint data (os.cpus, totalmem/freemem, platform, release, arch, uptime) and POSTs it with nodeId/url to ${GATEWAY_URL}/api/internal/node/register ; the destination is operator-configured via env var (default http://localhost:3007), matches the documented registration flow, and does not include installer secrets or an env-var dump. During periodic syncFromGateway, the gateway's JSON response is allowed to overwrite process.env.ENCRYPTION_KEY, ENCRYPTION_SECRET, ENCRYPTION_SALT, ENCRYPTION_AAD, and ENCRYPTION_ALGORITHM in the running process — a legitimate control-plane behavior given the operator chose the gateway, but one that materially expands the trust placed in whatever URL is configured. There is no install-time lifecycle hook, no fetch-and-execute of remote code, no credential scraping from ~/.aws/~/.ssh/~/.npmrc, and no hardcoded attacker destination. The combined pattern (obfuscation hiding the control flow + require()-time server bind to 0.0.0.0 + gateway-driven mutation of crypto material) warrants human review of maintainer trust and README accuracy before recommending the package, but it does not by itself constitute a supply-chain attack against installers.

Source: amazon-inspector (ae845382ff29756db63bf611b9b6bdbd49c44be3bcc8b283512e6590182ac48b)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.