
threat-intel: 2 MCP/AI-relevant OSV-confirmed malicious package(s) for review #79

Open

brian93512 wants to merge 1 commit into main from ioc-candidates/28098440485

Conversation

@brian93512

Member

MCP/AI-relevant OSV-confirmed malicious packages from ecosystem feeds for the last 24 hours.

These entries are OSV MAL- records — confirmed malicious packages sourced from
OpenSSF malicious-packages, Amazon Inspector, GitHub Advisory, and similar reporters.
They are not ordinary CVEs.

An MCP/AI relevance filter has been applied: only packages whose name or description
contains MCP/AI-tooling domain markers (mcp, openai, anthropic, claude,
langchain, tiktoken, ollama, etc.) are included here. Unrelated malicious packages
(crypto typosquats, banking malware, etc.) are excluded — they are already covered by
AS-004 real-time OSV lookup and do not belong in the AS-008 MCP-focused blacklist.

This is a review-only PR. It intentionally does not modify:

  • pkg/analyzer/data/blacklist.json
  • pkg/analyzer/data/npm_iocs.json

Review each entry:

  • Confirm the package is genuinely MCP/AI-tooling related.
  • Check the affected version range: is it exact and narrow enough?
  • Is this package high-value enough to add to the AS-008 offline blacklist, or is
    AS-004 (real-time OSV lookup) sufficient coverage?
  • Review the notes field for source attribution (e.g. amazon-inspector, ossf-package-analysis).

To promote a confirmed entry into AS-008:

go run ./cmd/tooltrust-ioc-promote <reviewed-candidate-json>

Close this PR after triage unless it is intentionally converted into a curated data update.
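Added example, not code from this repository: a Go sketch of the relevance filter the description applies, run over a constructed OSV feed. It assumes a minimal subset of the OSV record schema (id, summary, affected[].package.name) and uses made-up MAL-/CVE- identifiers; the substring match is intentionally loose, which is why the human "genuinely MCP/AI-related?" check in the review list still matters.

```go
package main
import "encoding/json"
import "strings"

// Subset of the OSV schema used for triage (assumption: only id, summary and
// affected[].package.name are consulted; real records carry much more).
type osvRecord struct {
	ID       string `json:"id"`
	Summary  string `json:"summary"`
	Affected []struct {
		Package struct{ Name string `json:"name"` } `json:"package"`
	} `json:"affected"`
}

// Markers from the PR description, matched case-insensitively as substrings of
// the package name or summary; loose on purpose, so hits still need human review.
var mcpMarkers = []string{"mcp", "openai", "anthropic", "claude", "langchain", "tiktoken", "ollama"}
func mcpRelevant(r osvRecord) bool {
	hay := strings.ToLower(r.Summary)
	for _, a := range r.Affected {
		hay += " " + strings.ToLower(a.Package.Name)
	}
	for _, m := range mcpMarkers {
		if strings.Contains(hay, m) {
			return true
		}
	}
	return false
}

// FilterCandidates decodes a JSON array of OSV records and returns, in input
// order, the IDs of MAL- records (confirmed malicious, not CVEs) with a marker.
func FilterCandidates(feed []byte) ([]string, error) {
	var recs []osvRecord
	if err := json.Unmarshal(feed, &recs); err != nil {
		return nil, err
	}
	var ids []string
	for _, r := range recs {
		if strings.HasPrefix(r.ID, "MAL-") && mcpRelevant(r) {
			ids = append(ids, r.ID)
		}
	}
	return ids, nil
}

// Constructed sample feed (not real OSV data): one relevant MAL- record,
// one crypto typosquat (dropped) and one CVE that mentions MCP (dropped).
const SampleFeed = `[
 {"id":"MAL-0000-0001","summary":"Malicious code in example-mcp-server (npm)","affected":[{"package":{"name":"example-mcp-server"}}]},
 {"id":"MAL-0000-0002","summary":"Malicious code in wallet-helperr (npm)","affected":[{"package":{"name":"wallet-helperr"}}]},
 {"id":"CVE-0000-0003","summary":"Path traversal in some-mcp-lib","affected":[{"package":{"name":"some-mcp-lib"}}]}
]`
```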
