PkgRadar

Package evidence

[email protected]

Remote Payload: matched "api.telegram.org/bot"

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects those discounts; this panel only explains what was applied.

Versions published: 1,209
First published: Feb 2026
Publisher: jkheadley

Recommended action

Block this update

Static evidence trips multiple high-signal indicators. Quarantine the release until the publisher validates the change or you can rule out the indicators below.

Block this release in CI (curl · GitHub Actions)

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["[email protected]"],"fail_on":"high"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["[email protected]"],"fail_on":"high"}'

Publisher: jkheadley
Artifact bytes: 13,784,373
Previous version: 1.3.614
Published: 2026-06-17T13:40:49.527Z
SHA-256: a3f9b47a0fe107d171cbf1ac1a71f319da982e62ea2b4ee9bb8f4d03a9caa796

Why flagged

What the scanner saw

Remote Payload: matched "api.telegram.org/bot"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

Status: available
Risk: high
Score: 155
Version: 1.3.615
Last checked:

Status history (1 event)
  1. new · available · risk high · score 155 · status changed

Evidence

Static findings

21 static · 0 from release diff · showing high-signal first.

Severity | Kind | Path | Detail | Points
medium | Remote Payload | package/dist/commands/setup-wizard/codex-driver.js | matched "api.telegram.org/bot" | 12
medium | Remote Payload | package/dist/commands/setup-wizard/gemini-driver.js | matched "api.telegram.org/bot" | 12
medium | Remote Payload | package/dist/core/Prerequisites.js | matched "curl " | 12
medium | Remote Payload | package/dist/commands/setup.js | matched "api.telegram.org/bot" | 12
medium | Remote Payload | package/dist/messaging/TelegramAdapter.js | matched "api.telegram.org/bot" | 12
medium | Remote Payload | package/dist/lifeline/TelegramLifeline.js | matched "api.telegram.org/bot" | 12
medium | Remote Payload | package/src/templates/hooks/compaction-recovery.sh | matched "curl " | 12
medium | Remote Payload | package/src/templates/hooks/session-start.sh | matched "curl " | 12
medium | Remote Payload | package/src/templates/hooks/slack-channel-context.sh | matched "curl " | 12
medium | Remote Payload | package/src/templates/hooks/telegram-topic-context.sh | matched "curl " | 12
low | Messenger Bot Endpoint | package/dist/commands/setup-wizard/codex-driver.js | matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler) | 5
low | Credential file access | package/dist/core/FileClassifier.js | matched "id_rsa" | 5
low | Credential file access | package/dist/server/fileRoutes.js | matched "id_rsa" | 5
low | Messenger Bot Endpoint | package/dist/commands/setup-wizard/gemini-driver.js | matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler) | 5
low | Credential file access | package/dist/providers/adapters/gemini-cli/transport/geminiSpawn.js | matched "GOOGLE_APPLICATION_CREDENTIALS" | 5
low | Credential file access | package/dist/monitoring/scrubSecrets.js | matched "AWS_ACCESS_KEY" | 5
low | Messenger Bot Endpoint | package/dist/commands/setup.js | matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler) | 5
low | Messenger Bot Endpoint | package/dist/messaging/TelegramAdapter.js | matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler) | 5
low | Messenger Bot Endpoint | package/dist/lifeline/TelegramLifeline.js | matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler) | 5
low | Messenger Bot Endpoint | package/dist/commands/test-as-self.js | matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler) | 5
low | Install-time lifecycle script | package.json | postinstall="node scripts/fix-better-sqlite3.cjs" | 5

Manifest

Package metadata

Scripts (33)
  • build: node scripts/generate-builtin-manifest.cjs && tsc && chmod 0755 dist/cli.js && node scripts/sign-instar-lockfile.mjs
  • check:contract-evidence: node scripts/check-contract-evidence.js
  • check:pre-push-gate: node scripts/pre-push-gate.js
  • check:release: node scripts/analyze-release.js
  • check:upgrade-guide: node scripts/check-upgrade-guide.js
  • clean: rm -rf dist
  • dev: tsc --watch
  • generate:manifest: node scripts/generate-builtin-manifest.cjs
  • lint: tsc --noEmit && node scripts/lint-no-direct-destructive.js && node scripts/lint-no-direct-llm-http.js && node scripts/lint-no-direct-url-log.js && node scripts/lint-no-unfunneled-topic-creation.js && node scripts/lint-no-unfunneled-headless-launch.js && node scripts/lint-no-unfunneled-credential-write.js && node scripts/lint-state-registry.js && node scripts/lint-cas-emit-placement.js && node scripts/lint-journal-actuation-ban.js && node scripts/lint-no-blocking-process-scans.js && node scripts/lint-dev-agent-dark-gate.js && node scripts/lint-guard-manifest.js && node scripts/lint-llm-attribution.js && node scripts/lint-no-mainthread-cartographer-walk.js && node scripts/check-codex-rule1-drift.js
  • lint:credential-write: node scripts/lint-no-unfunneled-credential-write.js
  • lint:credential-write:staged: node scripts/lint-no-unfunneled-credential-write.js --staged
  • lint:destructive: node scripts/lint-no-direct-destructive.js
  • lint:destructive:staged: node scripts/lint-no-direct-destructive.js --staged
  • lint:dev-agent-dark-gate: node scripts/lint-dev-agent-dark-gate.js
  • lint:dev-agent-dark-gate:staged: node scripts/lint-dev-agent-dark-gate.js --staged
  • lint:guard-manifest: node scripts/lint-guard-manifest.js
  • lint:llm-attribution: node scripts/lint-llm-attribution.js
  • lint:llm-attribution:staged: node scripts/lint-llm-attribution.js --staged
  • lint:llm-http: node scripts/lint-no-direct-llm-http.js
  • lint:llm-http:staged: node scripts/lint-no-direct-llm-http.js --staged
  • postinstall: node scripts/fix-better-sqlite3.cjs
  • prepare: husky
  • prepublishOnly: npm run build && npm run check:upgrade-guide && npm run check:contract-evidence
  • test: vitest run
  • test:all: vitest run && vitest run --config vitest.integration.config.ts && vitest run --config vitest.e2e.config.ts
  • test:contract: node scripts/run-contract-tests.js
  • test:contract:raw: vitest run --config vitest.contract.config.ts
  • test:e2e: vitest run --config vitest.e2e.config.ts
  • test:flaky: vitest run tests/unit/relationship-routes.test.ts tests/integration/messaging-routes.test.ts tests/integration/whatsapp-routes.test.ts tests/unit/server.test.ts tests/e2e/semantic-memory-lifecycle.test.ts tests/e2e/system-reviewer-e2e.test.ts tests/e2e/working-memory-lifecycle.test.ts tests/e2e/messaging-multi-agent.test.ts
  • test:integration: vitest run --config vitest.integration.config.ts
  • …and 3 more.

Dependencies (21)
  • @a2a-js/sdk: ^0.3.10
  • @huggingface/transformers: ^3.8.1
  • @inquirer/prompts: ^8.2.1
  • @modelcontextprotocol/sdk: ^1.27.1
  • @noble/ciphers: ^2.1.1
  • @noble/hashes: ^2.0.1
  • @scure/bip39: ^2.0.1
  • @types/js-yaml: ^4.0.9
  • better-sqlite3: ^12.8.0
  • cloudflared: ^0.7.1
  • commander: ^12.0.0
  • croner: ^8.0.0
  • express: ^4.18.0
  • js-yaml: ^4.1.1
  • marked: ^17.0.5
  • moltbridge: ^0.1.6
  • picocolors: ^1.0.0
  • proper-lockfile: ^4.1.2
  • telegram: ^2.26.22
  • ws: ^8.19.0
  • zod: ^4.3.6

Optional dependencies (2)
  • baileys: ^7.0.0-rc.9
  • sqlite-vec: ^0.1.6