# purmemo-mcp@15.7.7 — Threat Briefing

Critical risk — threat briefing for npm package purmemo-mcp@15.7.7. Capabilities, risk paths, and what to check.

- **Ecosystem:** npm
- **Latest version:** 12.3.0
- **License:** MIT

## Risk

- **Level:** critical
- **Summary:** Install hook spawns dynamic / forked-detached shell — dropper attribution

## Capability Summary

| Capability | Level |
|---|---|
| install scripts | Postinstall |
| network access | both |
| filesystem | both |
| shell execution | exec |

## Capabilities

### Other

- Application config-directory read (info-only) [common]
- Credential-shaped environment variable read [common]
- Cryptographic hashing [common]
- Encryption/decryption operations [common]
- External vendor / cloud integration [common]
- Platform / architecture detection (info-only) [common]
- User-account enumeration [common]
- Runtime package installation [common]

### Environment

- Environment variable access [common]

### System

- OS information gathering [common]

## Key Signals

## Maintainer

## Recommended Action

Do not install. Review immediately if already in use.