Name of the Vulnerable Software and Affected Versions donotinstallthis (affected versions not specified)

Description The package donotinstallthis contains malicious code that runs a script as part of its installation process. This script contacts a remote service to track the number of installations. There is no further compromise beyond this tracking.

Recommendations Remove the package from your environment.