A popular NPM package got compromised; attackers updated it to run a post-install script that steals secrets.

But the script is a *prompt* run by the user's installation of Claude Code. This avoids it being detected by tools that analyze code for malware.

From @zacl_overflow on X
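A defender-side check for the behaviour described in the note, as an added example that is not part of the original post or of any affected project: it flags npm lifecycle hooks that invoke an AI agent CLI, either directly or through a script file the hook runs. The function names, the `claude` binary name used for matching, and the sample packages are assumptions constructed for illustration.

```javascript
// Added example: triage heuristic for npm lifecycle hooks that hand control
// to an AI coding-agent CLI. Works on already-parsed data, so it runs offline.

// Assumption: binary names to look for. The note mentions only Claude Code,
// whose CLI is `claude`; extend the list for other agents in your environment.
const AGENT_CLIS = ['claude'];
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// True if the text uses an agent CLI name as a command word or quoted argument,
// e.g. `claude ...`, `./node_modules/.bin/claude`, spawn('claude', [...]).
function mentionsAgentCli(text) {
  return AGENT_CLIS.some((cli) =>
    new RegExp(`(^|[\\s;&|'"/(])${cli}(\\.cmd|\\.exe)?($|[\\s'";&|)])`, 'm').test(text));
}

// Script files named in a hook command, e.g. "node ./scripts/setup.js".
function referencedFiles(command) {
  return command.match(/[\w./-]+\.(?:c?js|mjs|sh)\b/g) || [];
}

// pkg: parsed package.json. files: { relativePath: fileContents } for the package.
function auditPackage(pkg, files = {}) {
  const findings = [];
  for (const hook of LIFECYCLE_HOOKS) {
    const command = (pkg.scripts || {})[hook];
    if (typeof command !== 'string') continue;
    if (mentionsAgentCli(command)) {
      findings.push({ hook, where: 'package.json', command });
    }
    for (const ref of referencedFiles(command)) {
      const path = ref.replace(/^\.\//, '');
      if (path in files && mentionsAgentCli(files[path])) {
        findings.push({ hook, where: path, command });
      }
    }
  }
  return findings;
}

// Constructed samples (not taken from the compromised package).
const SAMPLE_DIRECT = { name: 'demo-a', scripts: { postinstall: 'claude -p "<prompt text>"' } };
const SAMPLE_INDIRECT = { name: 'demo-b', scripts: { postinstall: 'node ./scripts/setup.js' } };
const SAMPLE_BENIGN = { name: 'demo-c', scripts: { postinstall: 'node scripts/build.js' } };
const SAMPLE_FILES = {
  'scripts/setup.js': "require('child_process').spawn('claude', ['-p', PROMPT]);",
  'scripts/build.js': 'console.log("built");',
};

console.log(auditPackage(SAMPLE_INDIRECT, SAMPLE_FILES));
```

A hit is a reason to review the package by hand, not a verdict. Installing with `npm install --ignore-scripts` keeps lifecycle hooks from running at all while that review happens.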
