anthropy @0.0.6
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID
MAL-2026-5273
Ecosystem
pypi
Summary
The package anthropy is a typosquat of the legitimate anthropic PyPI SDK (the two names differ only in their last two characters). Its sole module, anthropy.py, runs a classic Python reverse shell at import time: it opens a TCP socket to 54.176.251.240:9001, duplicates the socket's file descriptor over stdin, stdout and stderr, and spawns an interactive sh via pty.spawn. The same payload fires when the anthropy console script declared in pyproject.toml is invoked. The package ships no API surface matching its name (its project summary is just 'hello world'); the reverse shell is its only behavior. Any developer who types pip install anthropy in place of pip install anthropic and then imports the package, or runs the installed CLI, hands an interactive shell on their machine to whoever operates 54.176.251.240.
Source: amazon-inspector (8fa5e8904e682bfc10273961eb25b914c8d79b89e2a6c923c32bb9b3233d41c2)