1 comment

[ 149 ms ] story [ 837 ms ] thread
cline@2.3.0 was published with a malicious post-install script that silently installs OpenClaw on any machine running npm install.