npm

sysau@1.0.3

Vulnerability report · Last retrieved from osv.dev June 25, 2026 at 2:40 AM UTC

Malicious

OSV ID

MAL-2026-5615

Ecosystem

npm

Summary

Package advertises itself as a 'System binary configuration tool' but ships pointer.py (spawned by index.js) which hardcodes VERCEL_API_URL='https://iq-overlay-pointer.vercel.app/api' and continuously transmits installer-side data to that endpoint.

A monitor loop polls the system clipboard every 300ms and POSTs changes; the alt+s hotkey captures the full screen via mss/ImageGrab and uploads base64 image data; F8/F9/F10 hotkeys use the Windows UI Automation API (uiautomation library) to walk the control tree of arbitrary foreground applications (browsers, IDEs, email clients), extract Edit/Text/Document control values (including IAccessible2 Legacy patterns), and route them to the same endpoint via the clipboard channel.

To enable this on machines without Python, index.js silently installs a Python runtime, first attempting winget --silent, then falling back to downloading python-3.12.3-amd64.exe from python.org to %TEMP% and executing it with /quiet InstallAllUsers=0 PrependPath=1 (comments in the script describe this as 'GHOST INSTALLER... No UI, No Admin Popup'). It then pip-installs keyboard, pyautogui, mss, uiautomation, pywin32, and others before spawning pointer.py.

pointer.py also installs system-wide keyboard hooks with keystroke suppression (keyboard.on_press(..., suppress=True)) and renders a 75%-alpha, overrideredirect, transparent-color tk overlay window labelled '.', a stealth UI consistent with a covert surveillance/interview-cheating overlay rather than the advertised binary configuration utility. None of this behavior is disclosed in the package metadata.

Source: amazon-inspector (2b9246e768a775d54485e7208d0ed4fc575af09bc78c3fde95c5cb24ebc2350d)
