An interesting approach to malware by checking for Claude Code CLI and Gemini CLI in compromised `nx` package to explore local filesystem and steal credentials, api keys, wallets, etc.