This is even more important than the Claude Code source code leak. Everyone should check this. Development with AI is too fast; there's no way around it, we have to pay attention to every package installation, especially something as easily installed as axios...
This article is machine translated
Show original
Cos(余弦)
@evilcos
03-31
建议给你的 Agents(包括 OpenClaw)都投喂如下提示词,好好排查下是否存在这波 axios 被投毒事件影响:
参考下面这个方法排查一遍我们的环境是否存在被投毒的 axios@1.14.1 与 axios@0.30.4,及恶意模块 plain-crypto-js,不能漏,确保排查全面:
Check for the malicious axios versions in your x.com/evilcos/status…
From Twitter
Disclaimer: The content above is only the author's opinion which does not represent any position of Followin, and is not intended as, and shall not be understood or construed as, investment advice from Followin.
Like
Add to Favorites
Comments
Share
Relevant content
