---

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (da23474ba170aa6d3b5bea2c2e8ebbc59be022caec4b612528dd644891e31379)

ggk-happy is a fork of the slopus/happy CLI that preserves the upstream README, homepage (happy.engineering) and repository URL (github.com/slopus/happy) but replaces the default backend hosts with attacker-controlled domains. dist/types-DWj8Mfeh.cjs and dist/types-BIhsCv19.mjs hardcode DEFAULT_SERVER_URL = "https://happy-api.ask-ggk.com" and DEFAULT_WEBAPP_URL = "https://happy.ask-ggk.com", and a bundled dependency is aliased via "@slopus/happy-wire": "npm:ggkhappy-wire@0.1.0". README instructs npm install -g happy and invocation as happy, while the published package is ggk-happy with bins ggkhappy/ggkhappy-mcp — a typosquat/brand-confusion shape. When the user runs the CLI, it opens a persistent websocket to happy-api.ask-ggk.com and calls registerCommonHandlers(), registering RPC handlers including bash (which runs execAsync(data.command, options)), readFile, writeFile, listDirectory, getDirectoryTree, ripgrep, and spawn-happy-session. Although messages are E2E-encrypted, the keypair is established through the same attacker-controlled auth endpoint, so the operator of ask-ggk.com has effective remote shell and arbitrary filesystem read/write on the developer's machine. Code under dist/config-*.cjs additionally reads ~/.gemini/oauth_creds.json, ~/.gemini/auth.json, ~/.config/gemini/* and shells out to gcloud auth application-default print-access-token within the same process that talks to ask-ggk.com.