⚠️
I'm running an automated GitHub code search for the Miasma Worm and found a reference to node .github/setup.js in a file in this repository. This pattern is associated with the Miasma Worm, a supply-chain attack that targets AI coding agents (Claude, Cursor, Gemini, Copilot, etc.).
How the attack works
- The worm pushes commits to open pull-request branches (or any active branch).
- Each injected commit appends
[skip ci] to suppress CI pipelines.
- The commit adds
.github/setup.js (an obfuscated payload) and instruction files (.claude, .gemini, .cursor, …) that tell AI agents to run node .github/setup.js as "project setup" — causing them to unwittingly execute the malware.
What to do
I wrote a cleanup tool for this — you can find it pinned on my profile as malware-cleanup. It scans every branch of your repository via the GitHub API (no cloning required) and can automatically reset affected branches to the last clean commit.
If you believe this is a false positive, feel free to close the issue and sorry for the noise.
I'm running an automated GitHub code search for the Miasma Worm and found a reference to
node .github/setup.jsin a file in this repository. This pattern is associated with the Miasma Worm, a supply-chain attack that targets AI coding agents (Claude, Cursor, Gemini, Copilot, etc.).How the attack works
[skip ci]to suppress CI pipelines..github/setup.js(an obfuscated payload) and instruction files (.claude,.gemini,.cursor, …) that tell AI agents to runnode .github/setup.jsas "project setup" — causing them to unwittingly execute the malware.What to do
I wrote a cleanup tool for this — you can find it pinned on my profile as
malware-cleanup. It scans every branch of your repository via the GitHub API (no cloning required) and can automatically reset affected branches to the last clean commit.If you believe this is a false positive, feel free to close the issue and sorry for the noise.