HIGH
Malicious npm Package Exfiltrated Files from Claude AI User Directories
OX Security researchers found a malicious npm package named “mouse5212-super-formatter” that uploads files from “/mnt/user-data”, the directory Anthropic’s Claude AI tool uses for uploads and session outputs.
The package is a targeted infostealer aimed at developers who run Claude Code or Claude-based tooling locally. Any developer who installed this package should treat their Claude user data directory as compromised. Audit npm dependency trees for unrecognized packages and review file access logs for unexpected outbound transfers.
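For the dependency-tree audit, the sketch below walks a parsed `package-lock.json` and reports every install of the named package, along with the packages that declare it as a dependency. It is an added example, not code from OX Security or from the package. It assumes a lockfile in the version 2 or 3 format (npm 7 or later); the function names, the `example-cli` package and all version strings are constructed for illustration.

```javascript
// Added example: locate a reported package in a parsed package-lock.json.
const FLAGGED = new Set(['mouse5212-super-formatter']); // name from the report

// v2/v3 lockfiles key each entry by install path, e.g.
// "node_modules/a/node_modules/b"; the "" key is the root project.
const nameOf = (path, meta) =>
  meta.name || path.split('node_modules/').pop() || '(root project)';

function findFlagged(lock, flagged = FLAGGED) {
  if (!lock || typeof lock.packages !== 'object' || lock.packages === null) {
    // Refuse rather than report an unsupported (v1) lockfile as clean.
    throw new Error('no "packages" map: regenerate the lockfile with npm 7+');
  }
  const entries = Object.entries(lock.packages);
  const hits = [];
  for (const [path, meta] of entries) {
    const name = nameOf(path, meta);
    if (!flagged.has(name)) continue;
    // Entries that declare the flagged name show how it entered the tree.
    const requiredBy = entries
      .filter(([, m]) =>
        [m.dependencies, m.devDependencies, m.optionalDependencies]
          .some((deps) => deps && name in deps))
      .map(([p, m]) => nameOf(p, m));
    hits.push({ name, version: meta.version, path, requiredBy });
  }
  return hits;
}

// Constructed sample lockfile; "example-cli" and all versions are made up.
const sampleLock = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0',
      dependencies: { 'example-cli': '^2.0.0' } },
    'node_modules/example-cli': { version: '2.1.0',
      dependencies: { 'mouse5212-super-formatter': '*' } },
    'node_modules/example-cli/node_modules/mouse5212-super-formatter':
      { version: '0.0.0-constructed' },
  },
};

console.log(JSON.stringify(findFlagged(sampleLock), null, 2));
```

To check a real project, pass the result of `JSON.parse` on the contents of its `package-lock.json` to `findFlagged`. A non-empty result means the package was resolved into the tree, and `requiredBy` names the dependency that pulled it in.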