Which versions of screenpipe-mcp-http are malicious?

The following npm versions of screenpipe-mcp-http are flagged malicious: 9999.99.99. Treat any of these as compromised.

How do I remediate screenpipe-mcp-http if I installed it?

Remove screenpipe-mcp-http from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Is screenpipe-mcp-http part of a known attack campaign?

Yes — screenpipe-mcp-http is associated with the IN-MAL-2026-004953, IN-MAL-2026-004954 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

Can O3 Security detect screenpipe-mcp-http in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking screenpipe-mcp-http and packages like it before any post-install script runs.

Malicious package

screenpipe-mcp-httpnpm

Malicious code in screenpipe-mcp-http (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5402

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall screenpipe-mcp-http

What this malware does

[email protected] is a dependency-confusion lure that beacons installer-identifying data to an attacker-controlled domain on npm install. The package.json declares an absurdly high version (9999.99.99) with description 'npm 404 error referenced in screenpipe/screenpipe', the canonical shape of a dependency-confusion claim against an unregistered name referenced by an upstream project. A postinstall hook (postinstall.js) POSTs a JSON body to https://ddactic-lab.online/sc/beacon containing the npm package name/version, Node version, OS, CI detection flag, and GitHub Actions metadata (GITHUB_REPOSITORY, GITHUB_REPOSITORY_OWNER, GITHUB_WORKFLOW). To bypass corporate HTTP egress filters, the same data is also encoded into a subdomain of b.ddactic-lab.online and exfiltrated via DNS lookup. index.js further recursively requires its own name (module.exports = require('screenpipe-mcp-http')), so any internal upstream reference that resolves through npm pulls this attacker-controlled package.

Malicious versions

1 flagged

9999.99.99

Indicators of compromise (SHA-256)

28109405008c1eaee3b3702337a3278723bb7e70e01929a4b76132b19c705790

46c309150113bf04c90487208489e8a26337731319956c1183e7d8e26806a0e0

Frequently asked questions

No. screenpipe-mcp-http on npm has been identified as a malicious package (version 9999.99.99 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-004953IN-MAL-2026-004954

References

npmjs.com

Credits

Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection