Summary

Note: This report is updated by a verification record

Malicious package detected. Executes code during installation via preinstall script in package.json and has only one version published.

Verification Record

The package is marked as malware by OSV: MAL-2026-1387 with source: ghsa-malware

Details

Note: This report is updated by a verification record

The package tahoe-tap version 99.1.15 is likely a malware. The package.json file contains a preinstall script that executes node index.js. This allows arbitrary code execution at install time. The package has only one published version, which raises suspicion. The combination of these factors suggests malicious intent.

Summary

Note: This report is updated by a verification record

Malicious package detected. Executes code during installation via preinstall script in package.json and has only one version published.

Verification Record

The package is marked as malware by OSV: MAL-2026-1387 with source: ghsa-malware

Details

Note: This report is updated by a verification record

tahoe-tap@99.1.15Malicious

Verified

Analysed at: 3/13/26, 5:38 AM

Source: https://registry.npmjs.org/tahoe-tap/-/tahoe-tap-99.1.15.tgz

SHA256: 0db2c1cac76505c5cd46744464ee0410a8beb564f058590d52ee0019b203d2f6

Confidence: High