Package evidence

@nikolasp98/[email protected]

Webhook Exfil Endpoint: matched "ngrok-free.app"

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads: 724
Versions published: 199
First published: Feb 2026
Publisher: nikolasp98

Recommended action

Block this update

Static evidence trips multiple high-signal indicators. Quarantine the release until the publisher validates the change or you can rule out the indicators below.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@nikolasp98/[email protected]"],"fail_on":"high"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@nikolasp98/[email protected]"],"fail_on":"high"}'

Publishernikolasp98

Artifact bytes18,048,753

Previous version2026.5.13-dev.20260514162401

Published2026-05-14T17:34:36.455Z

SHA-256941464014727398be0c03d48c46a783eed3b8b2972b919e9325db193868aad93

Why flagged

What the scanner saw

Webhook Exfil Endpoint: matched "ngrok-free.app"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

high

4h agoLast checked

highRisk

176Score

2026.5.14-devVersion

Status history (1 event)

new → available4h ago · risk high · score 176 · status changed

Evidence

Static findings

29 static · 0 from release diff · showing high-signal first.

Severity	Kind	Path	Detail	Points
high	Webhook Exfil Endpoint	package/extensions/voice-call/index.js	matched "ngrok-free.app"	40
high	Webhook Exfil Endpoint	package/extensions/voice-call/src/providers/twilio.test.ts	matched "ngrok.app"	40
high	Webhook Exfil Endpoint	package/extensions/voice-call/src/webhook-security.test.ts	matched "ngrok-free.app"	40
high	Webhook Exfil Endpoint	package/extensions/voice-call/src/webhook-security.ts	matched "ngrok-free.app"	40
medium	Remote Payload	package/dist/doctor-config-flow-Bjp-kG-P.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/doctor-config-flow-BzhGV6KM.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/extensions/nitter/setup/install.sh	matched "curl "	12

Show all 29 findings (low-signal and informational)

Severity	Kind	Path	Detail	Points
high	Webhook Exfil Endpoint	package/extensions/voice-call/index.js	matched "ngrok-free.app"	40
high	Webhook Exfil Endpoint	package/extensions/voice-call/src/providers/twilio.test.ts	matched "ngrok.app"	40
high	Webhook Exfil Endpoint	package/extensions/voice-call/src/webhook-security.test.ts	matched "ngrok-free.app"	40
high	Webhook Exfil Endpoint	package/extensions/voice-call/src/webhook-security.ts	matched "ngrok-free.app"	40
medium	Remote Payload	package/dist/doctor-config-flow-Bjp-kG-P.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/doctor-config-flow-BzhGV6KM.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/extensions/nitter/setup/install.sh	matched "curl "	12
low	Credential file access	package/extensions/googlechat/api-CdmKeZdp.js	matched "AWS_ACCESS_KEY"	5
low	Credential file access	package/dist/auth-profiles-CaNK0cUT.js	matched "AWS_ACCESS_KEY"	5
low	Credential file access	package/extensions/llm-task/auth-profiles-CfyCILIe.js	matched "AWS_ACCESS_KEY"	5
low	Credential file access	package/extensions/llm-task/auth-profiles-CRqdowVc.js	matched "AWS_ACCESS_KEY"	5
low	Credential file access	package/extensions/llm-task/auth-profiles-vy16iW9a.js	matched "AWS_ACCESS_KEY"	5
low	Messenger Bot Endpoint	package/dist/doctor-config-flow-Bjp-kG-P.js	matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler)	5
low	Messenger Bot Endpoint	package/dist/doctor-config-flow-BzhGV6KM.js	matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler)	5
low	Credential file access	package/extensions/googlechat/index.js	matched "AWS_ACCESS_KEY"	5
low	Credential file access	package/dist/model-selection-C249ZOnu.js	matched "AWS_ACCESS_KEY"	5
low	Credential file access	package/dist/model-selection-p6J3l4qF.js	matched "AWS_ACCESS_KEY"	5
low	Large Javascript Payload	package/dist/bundled/boot-md/handler.js	5064580 bytes	0
low	Large Javascript Payload	package/dist/bundled/session-memory/handler.js	5031245 bytes	0
low	Large Javascript Payload	package/dist/plugin-sdk/index.js	5179411 bytes	0
low	Large Javascript Payload	package/extensions/diagnostics-otel/index.js	2345404 bytes	0
low	Large Javascript Payload	package/extensions/msteams/index.js	2050245 bytes	0
low	Large Javascript Payload	package/dist/llm-slug-generator.js	5023410 bytes	0
low	Large Javascript Payload	package/extensions/llm-task/pi-embedded-runner-B7I92FYZ.js	2325117 bytes	0
low	Large Javascript Payload	package/extensions/llm-task/pi-embedded-runner-BF98bQ2H.js	2325121 bytes	0
low	Large Javascript Payload	package/extensions/llm-task/pi-embedded-runner-DWOxiMlW.js	2325117 bytes	0
low	Large Javascript Payload	package/dist/reply-DbpXq1MH.js	2131517 bytes	0
low	Large Javascript Payload	package/dist/subagent-registry-BSfrC7gZ.js	2108948 bytes	0
low	Large Javascript Payload	package/dist/tools-B5lBxhIt.js	2325316 bytes	0

Manifest

Package metadata

Scripts81

android:assemblecd apps/android && ./gradlew :app:assembleDebug
android:installcd apps/android && ./gradlew :app:installDebug
android:runcd apps/android && ./gradlew :app:installDebug && adb shell am start -n ai.minion.android/.MainActivity
android:testcd apps/android && ./gradlew :app:testDebugUnitTest
baml:generatebaml-cli generate --from baml_src
baml:testbaml-cli test --from baml_src
buildpnpm baml:generate && node --import tsx scripts/embed-templates.ts && pnpm canvas:a2ui:bundle && tsdown && pnpm build:plugin-sdk:dts && node --import tsx scripts/write-plugin-sdk-entry-dts.ts && node --import tsx scripts/canvas-a2ui-copy.ts && node --import tsx scripts/copy-hook-metadata.ts && node --import tsx scripts/copy-section-prose.ts && node --import tsx scripts/copy-export-html-templates.ts && node --import tsx scripts/write-build-info.ts && node --import tsx scripts/write-cli-compat.ts && node --import tsx scripts/build-extensions.ts
build:plugin-sdk:dtstsc -p tsconfig.plugin-sdk.dts.json
canvas:a2ui:bundlebash scripts/bundle-a2ui.sh
checkpnpm format:check && pnpm tsgo && pnpm lint
check:docspnpm format:docs:check && pnpm lint:docs && pnpm docs:check-links
check:locnode --import tsx scripts/check-ts-max-loc.ts --max 500
dev./infisical-dev.sh node scripts/run-node.mjs || node scripts/run-node.mjs
docs:binnode scripts/build-docs-list.mjs
docs:check-linksnode scripts/docs-link-audit.mjs
docs:devcd docs && mint dev
docs:listnode scripts/docs-list.js
formatoxfmt --write
format:allpnpm format && pnpm format:swift
format:checkoxfmt --check
format:docsgit ls-files 'docs/**/*.md' 'docs/**/*.mdx' 'README.md' | xargs oxfmt --write
format:docs:checkgit ls-files 'docs/**/*.md' 'docs/**/*.mdx' 'README.md' | xargs oxfmt --check
format:swiftswiftformat --lint --config .swiftformat apps/macos/Sources apps/ios/Sources apps/shared/OpenClawKit/Sources
gateway:devMINION_SKIP_CHANNELS=1 MINIONBOT_SKIP_CHANNELS=1 node scripts/run-node.mjs --dev gateway
gateway:dev:resetMINION_SKIP_CHANNELS=1 MINIONBOT_SKIP_CHANNELS=1 node scripts/run-node.mjs --dev gateway --reset
gateway:watchnode scripts/watch-node.mjs gateway --force
generate:toolsnode --import tsx scripts/generate-tool-registry.ts
ios:buildbash -lc 'cd apps/ios && xcodegen generate && xcodebuild -project Minion.xcodeproj -scheme Minion -destination "${IOS_DEST:-platform=iOS Simulator,name=iPhone 17}" -configuration Debug build'
ios:gencd apps/ios && xcodegen generate
ios:opencd apps/ios && xcodegen generate && open Minion.xcodeproj
…and 51 more.

Dependencies66

@agentclientprotocol/sdk0.14.1
@aws-sdk/client-bedrock^3.992.0
@buape/carbon0.14.0
@clack/prompts^1.0.1
@grammyjs/runner^2.0.3
@grammyjs/transformer-throttler^1.2.1
@homebridge/ciao^1.3.5
@larksuiteoapi/node-sdk^1.59.0
@libsql/client0.17.3
@line/bot-sdk^10.6.0
@lydell/node-pty1.2.0-beta.3
@mariozechner/pi-agent-core0.53.0
@mariozechner/pi-ai0.53.0
@mariozechner/pi-coding-agent0.53.0
@mariozechner/pi-tui0.53.0
@minion-stack/shared^0.6.0
@mozilla/readability^0.6.0
@sentry/node10.50.0
@sinclair/typebox0.34.48
@slack/bolt^4.6.0
@slack/web-api^7.14.1
@whiskeysockets/baileys7.0.0-rc.9
ajv^8.18.0
chalk^5.6.2
chokidar^5.0.0
cli-highlight^2.1.11
commander^14.0.3
comment-json^4.6.2
croner^10.0.1
discord-api-types^0.38.39
…and 36 more.