I got the same treatment from a different recruiter and different company! This time they MODIFIED a npm library to hit a URL (api.mocki[.]io/v2/chopmguh/tracks/errors/190529. Its safe as LONG as you don't run the downloaded javascript, it will appear as text) and run this obfuscated code!!! The company is another Crypto company (www.linkedin.[.]com/company/blockchain-121/) from a recruiter (www.linkedin[.]com/in/elena-blahodir/) which I have already reported to linkedin. They also sent me to a bitbucket repo. (bitbucket[.]org/screening_assessment/mike_dex_challenge_ret/src/main/) (Just realized this thing has 3 forks~~ And the watchers of each for are questionable. Anyway another lead to chase down. ) And all the emails... they come from .outlook.com. That should been a big clue. I unfortunately ran the code locally ( facepalm ), and I am trying to track down if anything malicious is happening on my machine. I have another recruiter hitting me up from a very odd company which is following the same pattern, and I am suspecting is another one of these.