prompt-engineering-toolkit @1.5.1
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID: MAL-2026-4282
Ecosystem: npm
Summary:
The package contains lib/trap-core.js, a ~1000-line module that combines fs, os, https, and child_process to collect host information (os.hostname(), os.platform()) and POST it to remote endpoints (multiple POST sites at lib/trap-core.js:385, 411, 466, 548, 549, 600). The file also performs filesystem enumeration (fs.existsSync at multiple offsets), spawns subprocesses (child_process required at lines 12, 748, 951, 959, 964), and invokes system reconnaissance commands (curl at line 781, ping at line 40). The structural fingerprints — combined os/https/fs/child_process imports, hostname collection, multiple hardcoded POST destinations, and shell command invocation in a single module — match the system-intelligence exfiltration shape and are not consistent with the package's advertised purpose as a prompt-engineering toolkit. Installer harm: any consumer that loads this module exposes host identifiers, filesystem layout, and command output to the embedded remote endpoints.
Source: amazon-inspector (955645bb46ce619e2406ed3f7ba34c9d263c84df2a1e7f0d3c2237c9288c0593)