
Post-mortem: Unauthorized Cline CLI npm publish on February 17, 2026

Blog post from Cline

Post Details
Company: Cline
Date Published:
Author: Saoud Rizwan
Word Count: 1,278
Company Posts That Month: 10
Language: English
Hacker News Points: -
Summary

An unauthorized version of the npm package [email protected] was published using a compromised publishing token. The published version contained a postinstall script that installed the legitimate open source project openclaw; no malicious code was delivered. The incident affected only the Cline CLI npm package, not the VS Code and JetBrains extensions, and was resolved within approximately eight hours by releasing version 2.4.0 and revoking the compromised token. The root cause was traced to a prompt injection flaw in a GitHub Actions workflow used for issue triage: because the workflow ran with over-broad access permissions, attacker-controlled input could make it execute arbitrary code. Although the payload was benign, the incident highlighted the risk posed by AI-driven automation in CI/CD pipelines and prompted a comprehensive review of credential management and security practices. Security researcher Adnan Khan played a crucial role in identifying the vulnerability, which led to removal of the flawed workflow, rotation of credentials, and adoption of OIDC provenance for npm publishing to prevent a recurrence.

Trends Found in this Post
Trend               Post Mentions  Total Month Mentions  Posts  Companies  MoM
OpenClaw            8              1,172                 87     30         +176%
AI Agents           1              3,583                 743    199        -1%
LLM                 1              5,138                 781    181        +34%
Secrets Management  1              1,388                 209    84         +19%