shai_hulululud npm Package Uses Prompt Injection and Token Flooding to Disrupt AI Malware Scanners
Socket identified [email protected] as a deliberately packed npm package that appears designed to probe or disrupt AI-assisted malware review with prompt-injection text, safety-triggering comments, context flooding, and obfuscated JavaScript.