docs(security): add analysis of malicious kilocode-agent/kilocode-2.0 repo #1719
Open
kilo-code-bot[bot] wants to merge 1 commit into main from
Conversation
4. `Create LoopBreaker.ts` (now deleted)
5. `Delete core directory` (cleaning up evidence of modification)

The "Delete core directory" commit suggests files were added and then removed — possibly experimental malware code that was cleaned up before the final push.
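Review bot: list item 5's parenthetical "(cleaning up evidence of modification)" makes the same inference as the paragraph after it, and the review suggestion below only softens the paragraph; the commit history shown here establishes that files were added and later removed, nothing more, so neutralize the list item as well, e.g. `5. \`Delete core directory\` (files added in earlier commits removed)`, otherwise the list contradicts the toned-down paragraph.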
Contributor · Author
WARNING: This claim goes beyond the evidence in the report
The report establishes that files were added and later removed, but it does not show that the deleted directory contained malware or that the author was "cleaning up evidence". Presenting that as likely fact weakens the rest of the analysis and creates avoidable credibility risk.
Suggested change:
The "Delete core directory" commit suggests files were added and then removed — possibly experimental malware code that was cleaned up before the final push.
The "Delete core directory" commit shows files were added and later removed, which is suspicious but not enough on its own to determine what those deleted files contained.
Code Review Summary
Status: 1 Issue Found | Recommendation: Address before merge
Issue Details: WARNING (above)
Other Observations (not in diff): None.
Files Reviewed: 1
Reviewed by gpt-5.4-20260305 · 76,300 tokens
GitHub warns that this file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than it appears; review it in an editor that reveals hidden Unicode characters.
Summary
Adds a security analysis report for the GitHub repository kilocode-agent/kilocode-2.0, which impersonates Kilocode to distribute an opaque, pre-compiled Windows binary via GitHub Releases. The source code in the repo is stolen from the OpenCode desktop app (by Anomaly/SST) and serves as a decoy — it contains no malware itself, but the 89 MB `.7z` release binary has no verifiable build pipeline and cannot have been produced from the repo's source. The report documents all findings from a remote-only inspection of every file using the GitHub API.

Verification

```sh
gh api /repos/kilocode-agent/kilocode-2.0/contents/{path} --jq '.content' | base64 -d
gh api /repos/kilocode-agent/kilocode-2.0/git/trees/main?recursive=1
```

Visual Changes
N/A
Reviewer Notes
The threat is the pre-compiled binary in Releases, not the source code. The source is legitimate OpenCode code used as social-engineering cover. Key red flags: no package.json, no CI/CD, org created same day as repo, SEO-optimized topics targeting "kilocode" searches, commit history showing deleted files. Recommend reporting the repo and org to GitHub.
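The verification commands above pull raw file contents and the recursive tree, and the reviewer notes list the red flags the report relied on (no `package.json`, no CI/CD, org and repo created the same day, brand-targeted topics, an opaque release binary). The script below turns those red flags into repeatable checks over the same GitHub API JSON. It is an added example, not code from the PR, the report, or the Kilocode project; the `SAMPLE_*` values are constructed stand-ins shaped like the API responses (hypothetical dates, asset name and topics, not data taken from the real repo), and the `gh_api` helper is an assumption about how a reader would feed real responses in.

```python
"""Offline triage of the red flags listed in the reviewer notes, driven by GitHub API JSON.

Added example, not part of the PR or the report. It assumes the caller already fetched
four documents with `gh api`: the recursive git tree, the releases list, the org object
and the repo object. The SAMPLE_* values are constructed, not real API output.
"""
import json
import subprocess
from datetime import datetime, timezone

# Constructed sample data (hypothetical values, shaped like GitHub API responses).
SAMPLE_TREE = {
    "tree": [
        {"path": "README.md", "type": "blob"},
        {"path": "src", "type": "tree"},
        {"path": "src/index.ts", "type": "blob"},
    ]
}
SAMPLE_RELEASES = [
    {"tag_name": "v2.0.0", "assets": [{"name": "kilocode-2.0-win64.7z", "size": 89 * 2**20}]}
]
SAMPLE_ORG = {"login": "example-org", "created_at": "2025-01-10T08:12:00Z"}
SAMPLE_REPO = {
    "created_at": "2025-01-10T09:40:00Z",
    "topics": ["kilocode", "kilo-code", "ai-agent"],
}

BUILD_MANIFESTS = {"package.json", "Cargo.toml", "go.mod", "pyproject.toml", "CMakeLists.txt"}
OPAQUE_ASSET_EXTS = (".7z", ".zip", ".exe", ".msi", ".dmg", ".rar")


def gh_api(endpoint: str):
    """Fetch one endpoint with the gh CLI (needs network; not used by the sample run)."""
    out = subprocess.run(["gh", "api", endpoint], check=True, capture_output=True, text=True)
    return json.loads(out.stdout)


def _parse_ts(ts: str) -> datetime:
    # GitHub emits ISO-8601 with a trailing Z; older fromisoformat() needs +00:00 instead.
    return datetime.fromisoformat(ts.replace("Z", "+00:00")).astimezone(timezone.utc)


def has_build_manifest(tree) -> bool:
    """True if any recognised build manifest sits at the repository root."""
    root_blobs = {e["path"] for e in tree["tree"] if e["type"] == "blob" and "/" not in e["path"]}
    return bool(root_blobs & BUILD_MANIFESTS)


def has_ci_workflows(tree) -> bool:
    """True if the tree carries at least one GitHub Actions workflow file."""
    return any(
        e["type"] == "blob"
        and e["path"].startswith(".github/workflows/")
        and e["path"].endswith((".yml", ".yaml"))
        for e in tree["tree"]
    )


def opaque_assets(releases):
    """Names of release assets that are archives or installers rather than source."""
    return [
        a["name"]
        for r in releases
        for a in r.get("assets", [])
        if a["name"].lower().endswith(OPAQUE_ASSET_EXTS)
    ]


def triage(tree, releases, org, repo, brand: str):
    """Return short flag codes; an empty list means none of the heuristics fired."""
    flags = []
    if not has_build_manifest(tree):
        flags.append("no-build-manifest")
    if not has_ci_workflows(tree):
        flags.append("no-ci")
        # A binary is only unexplained when nothing in the repo could have built it.
        flags += [f"opaque-release-asset:{n}" for n in opaque_assets(releases)]
    if _parse_ts(org["created_at"]).date() == _parse_ts(repo["created_at"]).date():
        flags.append("org-repo-same-day")
    # Topics that spell the impersonated brand, with or without hyphens.
    flags += [f"brand-in-topics:{t}" for t in repo.get("topics", []) if brand in t.replace("-", "")]
    return flags


if __name__ == "__main__":
    for flag in triage(SAMPLE_TREE, SAMPLE_RELEASES, SAMPLE_ORG, SAMPLE_REPO, brand="kilocode"):
        print(flag)
```

Against a live repository the four inputs come from `gh api` on `/repos/{owner}/{repo}/git/trees/{branch}?recursive=1`, `/repos/{owner}/{repo}/releases`, `/orgs/{org}` and `/repos/{owner}/{repo}` (the repo object carries `topics`). The checks are heuristics in the same sense as the reviewer notes: a hit means "look closer", and the opaque-asset flag is deliberately gated on the absence of any workflow, since a release binary with a CI pipeline behind it is merely unverified, not unexplainable.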