Package evidence

[email protected]

Webhook Exfil Endpoint: matched "api.telegram.org/bot"

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads: 5,871Niche · −30% score
Versions published: 1,196
First published: Feb 2026
Publisher: GitHub ActionsTrusted automation · −70% score

Effective trust discount applied: −70% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Review before promoting

Mixed signals: the package has indicators worth reading before allowing the update in automated dependency flows.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["[email protected]"],"fail_on":"review"}'

PublisherGitHub Actions

Artifact bytes10,732,400

Previous version0.8.0-next.20260602150737.b87a5de

Published2026-06-03T10:12:41.557Z

SHA-2567b12d71f24a0470361551b5648ab4b0110a5a4fcea3408329089c975391040de

Why flagged

What the scanner saw

Webhook Exfil Endpoint: matched "api.telegram.org/bot"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

review

21h agoLast checked

reviewRisk

73Score

0.8.0-next.20260603101202.7419541Version

Status history (1 event)

new → available21h ago · risk review · score 73 · status changed

Evidence

Static findings

47 static · 0 from release diff · showing high-signal first.

Severity	Kind	Path	Detail	Points
high	Webhook Exfil Endpoint	package/dist/plugin-sdk/compat.js	matched "api.telegram.org/bot"	40
high	Webhook Exfil Endpoint	package/dist/plugin-sdk/index.js	matched "api.telegram.org/bot"	40
high	Webhook Exfil Endpoint	package/dist/plugin-sdk/telegram.js	matched "api.telegram.org/bot"	40
high	Webhook Exfil Endpoint	package/extensions/voice-call/src/webhook-security.ts	matched "ngrok-free.app"	40
medium	Remote Payload	package/dist/plugin-sdk/compat.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/plugin-sdk/index.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/setup-helpers-BtRTZkJZ.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/setup-helpers-CQPGtU2X.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/plugin-sdk/telegram.js	matched "api.telegram.org/bot"	12
medium	Credential file access	package/dist/install-target-BfKmGkYG.js	matched ".npmrc"	10
medium	Credential file access	package/dist/install-target-C-YFVXgH.js	matched ".npmrc"	10

Show all 47 findings (low-signal and informational)

Severity	Kind	Path	Detail	Points
high	Webhook Exfil Endpoint	package/dist/plugin-sdk/compat.js	matched "api.telegram.org/bot"	40
high	Webhook Exfil Endpoint	package/dist/plugin-sdk/index.js	matched "api.telegram.org/bot"	40
high	Webhook Exfil Endpoint	package/dist/plugin-sdk/telegram.js	matched "api.telegram.org/bot"	40
high	Webhook Exfil Endpoint	package/extensions/voice-call/src/webhook-security.ts	matched "ngrok-free.app"	40
medium	Remote Payload	package/dist/plugin-sdk/compat.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/plugin-sdk/index.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/setup-helpers-BtRTZkJZ.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/setup-helpers-CQPGtU2X.js	matched "api.telegram.org/bot"	12
medium	Remote Payload	package/dist/plugin-sdk/telegram.js	matched "api.telegram.org/bot"	12
medium	Credential file access	package/dist/install-target-BfKmGkYG.js	matched ".npmrc"	10
medium	Credential file access	package/dist/install-target-C-YFVXgH.js	matched ".npmrc"	10
low	Credential file access	package/dist/plugin-sdk/bluebubbles.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/call-DGR4jtL-.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/compat.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/config-C8B81-d9.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/discord.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/extensionAPI.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/feishu.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/googlechat.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/host-env-security-CehK_psC.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/host-env-security-D44nDp_5.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/imessage.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/index.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/ip-DXDqZi8v.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/irc.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/matrix.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/mattermost.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/msteams.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/nextcloud-talk.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Messenger Bot Endpoint	package/dist/onboard-channels-DCEkebzd.js	matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler)	5
low	Messenger Bot Endpoint	package/dist/onboard-channels-DH-ZK9Cn.js	matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler)	5
low	Credential file access	package/dist/provider-auth--MKAKEeT.js	matched "AWS_ACCESS_KEY"	5
low	Credential file access	package/dist/provider-auth-BdEwZtXa.js	matched "AWS_ACCESS_KEY"	5
low	Credential file access	package/dist/provider-auth-DjDdG8TR.js	matched "AWS_ACCESS_KEY"	5
low	Messenger Bot Endpoint	package/dist/setup-helpers-BtRTZkJZ.js	matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler)	5
low	Messenger Bot Endpoint	package/dist/setup-helpers-CQPGtU2X.js	matched "api.telegram.org/bot" — messenger-bot URL without exfil context (likely a notification handler)	5
low	Credential file access	package/dist/plugin-sdk/signal.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/slack.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/store-CAU7Vec0.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/store-CMysxqI5.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/store-D4vt95Jw.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/telegram.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/tlon.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/twitch.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/whatsapp.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/zalo.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/plugin-sdk/zalouser.js	matched "GOOGLE_APPLICATION_CREDENTIALS"	5

Manifest

Package metadata

Scripts96

android:assemblecd apps/android && ./gradlew :app:assembleDebug
android:installcd apps/android && ./gradlew :app:installDebug
android:runcd apps/android && ./gradlew :app:installDebug && adb shell am start -n org.remoteclaw.android/.MainActivity
android:testcd apps/android && ./gradlew :app:testDebugUnitTest
buildpnpm canvas:a2ui:bundle && node scripts/tsdown-build.mjs && node scripts/copy-plugin-sdk-root-alias.mjs && pnpm build:plugin-sdk:dts && node --import tsx scripts/write-plugin-sdk-entry-dts.ts && node --import tsx scripts/canvas-a2ui-copy.ts && node --import tsx scripts/copy-hook-metadata.ts && node --import tsx scripts/copy-export-html-templates.ts && node --import tsx scripts/write-build-info.ts && node --import tsx scripts/write-cli-compat.ts
build:plugin-sdk:dtstsc -p tsconfig.plugin-sdk.dts.json
canvas:a2ui:bundlebash scripts/bundle-a2ui.sh
checkpnpm format:check && pnpm tsgo && pnpm lint && pnpm lint:tmp:no-random-messaging && pnpm lint:no-remoteclaw-ai && pnpm lint:ui:no-css-class-drift
check:docspnpm format:docs:check && pnpm lint:docs && pnpm docs:check-links
check:locnode --import tsx scripts/check-ts-max-loc.ts --max 500
deadcode:cipnpm deadcode:report:ci:knip
deadcode:knippnpm dlx knip --production --no-progress --reporter compact --files --dependencies
deadcode:reportpnpm deadcode:knip; pnpm deadcode:ts-prune; pnpm deadcode:ts-unused
deadcode:report:ci:knipmkdir -p .artifacts/deadcode && pnpm deadcode:knip > .artifacts/deadcode/knip.txt 2>&1 || true
deadcode:report:ci:ts-prunemkdir -p .artifacts/deadcode && pnpm deadcode:ts-prune > .artifacts/deadcode/ts-prune.txt 2>&1 || true
deadcode:report:ci:ts-unusedmkdir -p .artifacts/deadcode && pnpm deadcode:ts-unused > .artifacts/deadcode/ts-unused-exports.txt 2>&1 || true
deadcode:ts-prunepnpm dlx ts-prune src extensions scripts
deadcode:ts-unusedpnpm dlx ts-unused-exports tsconfig.json --ignoreTestFiles --exitWithCount
devnode scripts/run-node.mjs
docs:binnode scripts/build-docs-list.mjs
docs:check-linksnode scripts/docs-link-audit.mjs
docs:devcd docs && mint dev
docs:listnode scripts/docs-list.js
docs:spellcheckbash scripts/docs-spellcheck.sh
docs:spellcheck:fixbash scripts/docs-spellcheck.sh --write
dup:checkjscpd src extensions test scripts --format typescript,javascript --pattern "**/*.{ts,tsx,js,mjs,cjs}" --gitignore --noSymlinks --ignore "**/node_modules/**,**/dist/**,**/.git/**,**/coverage/**,**/build/**,**/.build/**,**/.artifacts/**" --min-lines 12 --min-tokens 80 --reporters console
dup:check:jsonjscpd src extensions test scripts --format typescript,javascript --pattern "**/*.{ts,tsx,js,mjs,cjs}" --gitignore --noSymlinks --ignore "**/node_modules/**,**/dist/**,**/.git/**,**/coverage/**,**/build/**,**/.build/**,**/.artifacts/**" --min-lines 12 --min-tokens 80 --reporters json --output .artifacts/jscpd
formatoxfmt --write
format:allpnpm format && pnpm format:swift
format:checkoxfmt --check
…and 66 more.

Dependencies57

@agentclientprotocol/sdk0.16.1
@aws-sdk/client-s33.1000.0
@aws-sdk/s3-request-presigner3.1000.0
@buape/carbon0.0.0-beta-20260216184201
@clack/prompts^1.1.0
@discordjs/voice^0.19.1
@grammyjs/runner^2.0.3
@grammyjs/transformer-throttler^1.2.1
@homebridge/ciao^1.3.5
@larksuiteoapi/node-sdk^1.59.0
@line/bot-sdk^10.6.0
@mariozechner/pi-tui0.55.0
@matrix-org/matrix-sdk-crypto-nodejs^0.4.0
@microsoft/agents-hosting^1.3.1
@modelcontextprotocol/sdk^1.27.1
@sinclair/typebox0.34.48
@slack/bolt^4.6.0
@slack/web-api^7.14.1
@tloncorp/tlon-skill0.2.2
@urbit/aura^3.0.0
@vector-im/matrix-bot-sdk0.8.0-element.3
@whiskeysockets/baileys7.0.0-rc.9
ajv^8.18.0
chalk^5.6.2
chokidar^5.0.0
cli-highlight^2.1.11
commander^14.0.3
croner^10.0.1
discord-api-types^0.38.42
dotenv^17.3.1
…and 27 more.