claude-content-writer@2.2.0
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC
OSV ID
MAL-2026-4524
Ecosystem
npm
Summary
On npm install, the package's postinstall hook runs scripts/install-dependencies.sh. That script performs git clone --depth 1 https://github.com/AgriciDaniel/claude-seo.git and a git clone of github.com/blader/humanizer into ~/.claude/skills, with no commit pinning, and then runs cd claude-seo && bash install.sh. Both repositories belong to personal GitHub accounts unrelated to the package publisher, so whatever their maintainers (or an attacker who takes over either account) push to HEAD executes on every installer's machine at install time. Nothing verifies the fetched code: there is no integrity check, no version or commit pinning, and no match between the repository owners and the npm publisher.

In addition, package.json lists the package itself as a dependency (claude-content-writer: ^2.0.1), so dependency resolution pulls a second published version of the same package during install, which expands the install-time trust surface unpredictably.
Source: amazon-inspector (b38e69b148dc7998c9ab02fb5b6c2a90413a88129cf7db96b1c900e9c830f719)
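As an added example (not code from osv.dev, Amazon Inspector or the package itself), the following Node.js script checks an unpacked npm package for the three install-time patterns the summary describes: lifecycle hooks that git clone without pinning a full commit, clone targets whose GitHub owner is not on an allow-list, and a package that depends on itself. The package.json and install script embedded below are constructed from the summary's description, not copied from the real tarball; the exact postinstall command line, the URL form used for the humanizer clone, and the file name check-install-hooks.js are assumptions.

```javascript
// Added example, not code from osv.dev, Amazon Inspector or the package:
// a static checker for the install-time patterns described in the summary.
// Run as: node check-install-hooks.js   (file name is an assumption)

const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];
const DEP_FIELDS = ['dependencies', 'devDependencies', 'optionalDependencies', 'peerDependencies'];

// `git clone [flags] <url> [dir]` up to the end of the shell command.
const GIT_CLONE_RE = /\bgit\s+clone\b([^\n;&|]*)/g;
// A `git checkout`/`git reset` and whatever it names.
const CHECKOUT_RE = /\b(?:checkout|reset)\b([^\n;&|]*)/g;
// A full 40-hex object id: the only git reference that cannot be moved.
const FULL_SHA_RE = /\b[0-9a-f]{40}\b/;

// Owner segment of a GitHub URL ("blader" for github.com/blader/humanizer), or null.
function githubOwner(url) {
  const m = /github\.com[/:]([^/\s]+)\//.exec(url);
  return m ? m[1] : null;
}

// One finding per `git clone` in a script. The clone counts as pinned only
// when a checkout/reset before the next clone names a full commit SHA;
// --depth and --branch do not pin, because a branch or tag can be moved.
function findClones(script, allowedOwners = []) {
  const allowed = allowedOwners.map((o) => o.toLowerCase());
  const matches = [...script.matchAll(GIT_CLONE_RE)];
  return matches.map((m, i) => {
    const args = m[1].trim().split(/\s+/);
    const url = args.find((a) => /^(https?:|git@|github\.com)/.test(a)) || '';
    const start = m.index + m[0].length;
    const end = i + 1 < matches.length ? matches[i + 1].index : script.length;
    const tail = script.slice(start, end);
    const pinned = [...tail.matchAll(CHECKOUT_RE)].some((c) => FULL_SHA_RE.test(c[1]));
    const owner = githubOwner(url);
    const ownerTrusted = owner !== null && allowed.includes(owner.toLowerCase());
    return { url, owner, pinned, ownerTrusted };
  });
}

// Audit a parsed package.json. `scriptFiles` maps a path inside the package to
// that file's contents, so hooks that delegate to a shell script are inspected too.
function auditPackage(pkg, scriptFiles = {}, allowedOwners = []) {
  const issues = [];
  const hooks = pkg.scripts || {};
  for (const hook of LIFECYCLE_HOOKS) {
    const cmd = hooks[hook];
    if (!cmd) continue;
    // Inline command plus the body of every script file it references.
    let body = cmd;
    for (const [path, text] of Object.entries(scriptFiles)) {
      if (cmd.includes(path)) body += '\n' + text;
    }
    for (const f of findClones(body, allowedOwners)) {
      if (!f.pinned) issues.push(`${hook}: unpinned git clone of ${f.url}`);
      if (!f.ownerTrusted) issues.push(`${hook}: clone from owner "${f.owner}" is not on the allow-list`);
    }
  }
  // A package that lists itself pulls a second published version during resolution.
  for (const field of DEP_FIELDS) {
    if (pkg[field] && Object.hasOwn(pkg[field], pkg.name)) {
      issues.push(`${field}: package lists itself (${pkg.name}@${pkg[field][pkg.name]})`);
    }
  }
  return issues;
}

// Constructed sample mirroring the summary; not the real package.json or script.
// The postinstall command line and the humanizer URL form are assumptions.
const SAMPLE_PKG = {
  name: 'claude-content-writer',
  version: '2.2.0',
  scripts: { postinstall: 'bash scripts/install-dependencies.sh' },
  dependencies: { 'claude-content-writer': '^2.0.1' },
};
const SAMPLE_SCRIPTS = {
  'scripts/install-dependencies.sh': [
    '#!/usr/bin/env bash',
    'mkdir -p ~/.claude/skills && cd ~/.claude/skills',
    'git clone --depth 1 https://github.com/AgriciDaniel/claude-seo.git',
    'git clone https://github.com/blader/humanizer.git',
    'cd claude-seo && bash install.sh',
  ].join('\n'),
};

// Five findings for the sample: two unpinned clones, two untrusted owners, one self-dependency.
const SAMPLE_ISSUES = auditPackage(SAMPLE_PKG, SAMPLE_SCRIPTS);

if (typeof require !== 'undefined' && require.main === module) {
  for (const line of SAMPLE_ISSUES) console.log(line);
}
```

Run it against a tarball you have not installed: npm pack claude-content-writer@2.2.0 fetches the package without executing any lifecycle script; extract it, parse package.json, and pass the shell scripts the hooks reference to auditPackage. Whatever the checker reports, install with npm install --ignore-scripts (or set ignore-scripts=true in .npmrc) whenever you cannot read the hooks first, because that setting is the only thing that stops a postinstall hook from running at all.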