bittensor-burn-watch @1.3.4
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC
OSV ID
MAL-2026-5292
Ecosystem
pypi
Summary
Package advertises itself as a Bittensor subnet burn-rate monitor but bundles a live TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID in bittensor_burn_watch/defaults.env that the maintainer's own example file labels as 'Clipboard alerts (admin Telegram)' and notes 'Pip users get these automatically — they do not edit these themselves'. The Telegram chat ID is admin-controlled, so every installer's outbound alert traffic is routed to a destination the maintainer owns and the installer cannot see or change. All actual functionality lives in two Cython-compiled .so files (core.cpython-310-x86_64-linux-gnu.so, 6.2 MB, and burn_watch.*.so, 2.3 MB); the only readable Python is a 107-byte __init__.py and a 77-byte __main__.py that re-export main from the compiled binary. With a python-xlib dependency on Linux providing X11 clipboard/selection access, the binary-only distribution prevents installers from auditing what data the package reads from their machine and sends to the maintainer's Telegram. Independently, defaults.env also ships a live third-party Taostats API key (tao-e9b3d1d9-...) to every installer, marked 'bundled; users never set this'; this both leaks the maintainer's own quota/billing identity and turns every install into a free proxy for that account. The combination of a hardcoded maintainer-owned destination, 'clipboard alerts' framing in the maintainer's own documentation, an advertised purpose (burn monitoring) that does not require clipboard access, and unreviewable compiled-binary logic constitutes a silent-relay supply-chain risk.
Source: amazon-inspector (16180f1609731d35398f11dbfcb328826d2e39a7acf42fc256b563512645e6e5)
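As an added example (not code from the advisory, the package, or its maintainer), the script below walks an unpacked wheel or sdist directory and reports the indicators the summary describes: bundled dotenv files carrying credential-shaped values (including a value in the documented Telegram bot-token shape), a declared clipboard-capable dependency in the dist-info METADATA, Python shims that import only from compiled extension modules, and a readable-to-compiled byte ratio that makes review impossible. The package tree it audits is constructed in a temporary directory with fake values; the env-file names, the secret-variable name list, the clipboard-dependency list and the 1% byte-ratio threshold are assumptions, not facts from the report.

```python
"""Audit an unpacked Python package tree for silent-relay supply-chain red flags.
Added example; the package layout and every value below are constructed and fake."""
import os
import re
import shutil
import tempfile
from dataclasses import dataclass, field

# Telegram bot tokens have the documented shape "<numeric bot id>:<35-char secret>".
TELEGRAM_TOKEN_RE = re.compile(r"\b\d{8,10}:[A-Za-z0-9_-]{35}\b")
# Variable names that usually carry credentials or routing identities (assumed list).
SECRET_NAME_RE = re.compile(r"(TOKEN|KEY|SECRET|PASSWORD|CHAT_ID)$", re.I)
PLACEHOLDERS = {"", "changeme", "your_token_here", "xxx", "<set me>"}
ENV_FILE_NAMES = {".env", "defaults.env", "default.env", "config.env"}  # assumed
COMPILED_EXT = (".so", ".pyd", ".dylib")
# Dependencies that grant clipboard / X11 selection / input access (assumed list).
CLIPBOARD_DEPS = {"python-xlib", "pyperclip", "pynput", "pyautogui"}


@dataclass
class AuditResult:
    findings: list = field(default_factory=list)
    python_bytes: int = 0
    compiled_bytes: int = 0


def parse_env(text):
    """Minimal dotenv parser: KEY=VALUE per line, '#' comments, optional quotes."""
    pairs = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            pairs[key.strip()] = value.strip().strip("'\"")
    return pairs


def read(path):
    with open(path, encoding="utf-8", errors="replace") as fh:
        return fh.read()


def audit_tree(root):
    res = AuditResult()
    paths = [os.path.join(d, n) for d, _, names in os.walk(root) for n in names]
    # Module stems that exist only as binaries, e.g. "core" for core.cpython-310-x86_64-linux-gnu.so.
    compiled_stems = {os.path.basename(p).split(".")[0] for p in paths if p.endswith(COMPILED_EXT)}
    for path in paths:
        rel, name, size = os.path.relpath(path, root), os.path.basename(path), os.path.getsize(path)
        if name.endswith(".py"):
            res.python_bytes += size
            targets = re.findall(r"^\s*from\s+\.(\w+)\s+import\b", read(path), re.M)
            if targets and set(targets) <= compiled_stems:
                res.findings.append(f"{rel}: shim importing only from compiled module(s) {sorted(set(targets))}")
        elif name.endswith(COMPILED_EXT):
            res.compiled_bytes += size
        elif name in ENV_FILE_NAMES:
            for key, value in parse_env(read(path)).items():
                if TELEGRAM_TOKEN_RE.search(value):
                    res.findings.append(f"{rel}: {key} holds a value in Telegram bot token format")
                elif SECRET_NAME_RE.search(key) and value.lower() not in PLACEHOLDERS:
                    # Report the name and length only, so the audit log does not copy the secret.
                    res.findings.append(f"{rel}: {key} ships a hardcoded value ({len(value)} chars)")
        elif name == "METADATA":
            for dep in re.findall(r"^Requires-Dist:\s*([A-Za-z0-9_.-]+)", read(path), re.M):
                if dep.lower() in CLIPBOARD_DEPS:
                    res.findings.append(f"{rel}: depends on {dep}, which grants clipboard/X11 selection access")
    # Assumed threshold: readable Python under 1% of compiled bytes means the logic cannot be reviewed.
    if res.compiled_bytes and res.python_bytes * 100 < res.compiled_bytes:
        res.findings.append(f"binary-only logic: {res.compiled_bytes} B compiled vs {res.python_bytes} B readable Python")
    return res


def build_sample_tree():
    """Constructed stand-in for the layout the report describes; every value is fake."""
    root = tempfile.mkdtemp(prefix="pkg-audit-")
    pkg = os.path.join(root, "bittensor_burn_watch")
    dist = os.path.join(root, "bittensor_burn_watch-1.3.4.dist-info")
    os.makedirs(pkg)
    os.makedirs(dist)
    fake_token = "123456789:" + "A" * 35  # fake, but matches the Telegram token shape
    env_text = "\n".join([
        "# Clipboard alerts (admin Telegram)",
        f"TELEGRAM_BOT_TOKEN={fake_token}",
        "TELEGRAM_CHAT_ID=-1000000000000",
        "TAOSTATS_API_KEY=tao-00000000-constructed-example",
        "LOG_LEVEL=info",  # benign setting; must not be flagged
    ]) + "\n"
    texts = {
        os.path.join(pkg, "__init__.py"): "from .core import main\n__all__ = ['main']\n",
        os.path.join(pkg, "__main__.py"): "from .core import main\nmain()\n",
        os.path.join(pkg, "defaults.env"): env_text,
        os.path.join(dist, "METADATA"): ("Name: bittensor-burn-watch\nVersion: 1.3.4\n"
                                         "Requires-Dist: requests\n"
                                         'Requires-Dist: python-xlib; sys_platform == "linux"\n'),
    }
    for path, text in texts.items():
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)
    # Stand-in for the compiled extension: ELF magic plus padding, no real code.
    with open(os.path.join(pkg, "core.cpython-310-x86_64-linux-gnu.so"), "wb") as fh:
        fh.write(b"\x7fELF" + b"\0" * 65532)
    return root


def run_demo():
    root = build_sample_tree()
    try:
        return audit_tree(root)
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for finding in run_demo().findings:
        print("FLAG:", finding)
```

Point `audit_tree()` at the directory produced by `pip download <pkg> --no-deps` followed by `unzip` (or at a `site-packages` install) to run it against a real artifact; any finding in the env-file or shim categories is grounds to refuse the package until the compiled logic can be reviewed.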