registry  /  @axteams-lund-it/cookie-consent-core  /  99.0.0

@axteams-lund-it/cookie-consent-core@99.0.0

Authorized security research: dependency-confusion PoC for the Bugcrowd 'AXIS Camera Station Pro' program. Benign out-of-band callback only, no payload. Demonstrates that the internal package '@axteams-lund-it/cookie-consent-core' (used at v2.5.0 on www.a

AI Security Review

scanned 3h ago · by lpm-firewall-ai

Install lifecycle hooks run callback.js and beacon host/user/network metadata to an external OOB endpoint. The package is explicitly a dependency-confusion PoC for an internal scoped package name.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
npm preinstall or postinstall during package installation
Impact
Leaks host-identifying and environment metadata from any system that installs the package unintentionally.
Mechanism
install-time dependency-confusion beacon with DNS and HTTP/HTTPS exfiltration
Attack narrative
If this public package is resolved instead of the intended internal package, npm executes preinstall/postinstall. callback.js gathers host/user/cwd/internal IP/registry metadata, encodes it into DNS labels and HTTP query/body data, then sends it to qmktj627.instances.httpworkbench.com. The runtime module itself is a no-op, but the install-time callback creates an unconsented dependency-confusion telemetry channel.
Rationale
Source inspection confirms unconsented install-time external beaconing from lifecycle scripts, which is concrete dependency-confusion behavior even if framed as authorized research. Lack of destructive payload lowers secondary impact but does not make the package safe for upstream installation.
Evidence
package.jsoncallback.jsindex.jsREADME.md
Network endpoints1
qmktj627.instances.httpworkbench.com

Decision evidence

public snapshot
AI called this Malicious at 98.0% confidence as Malware with low false-positive risk.
Evidence for block
  • package.json defines preinstall and postinstall hooks executing callback.js
  • callback.js collects hostname, username, cwd, package dir, platform, internal IPv4s, and npm registry
  • callback.js sends payload via DNS lookups and HTTP/HTTPS POST during install
  • callback.js hardcodes researcher-controlled OOB host qmktj627.instances.httpworkbench.com
  • README/package description identify this as a dependency-confusion PoC for an internal package name
Evidence against
  • index.js is a no-op Proxy stub with no runtime collection
  • callback.js uses Node built-ins only and does not read arbitrary project files
  • No persistence, destructive actions, child_process, eval, native binaries, or credential-file harvesting found
Behavioral surface
Source
EnvironmentVarsNetwork
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 3.40 KB of source

Source & flagged code

5 flagged · loading source
package.jsonView file
scripts.preinstall = node callback.js preinstall
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.preinstall = node callback.js preinstall
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
scripts.postinstall = node callback.js postinstall
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
callback.jsView file
10var os = require('os'); L11: var dns = require('dns'); L12: var https = require('https'); ... L16: var PKG = 'unknown'; L17: try { PKG = require('./package.json').name; } catch (e) {} L18: var phase = process.argv[2] || 'install'; ... L22: try { L23: var ni = os.networkInterfaces(); L24: Object.keys(ni).forEach(function (k) { ... L30: function safe(s) { return String(s == null ? '' : s).replace(/[^\w.\-:@/ ]/g, '_').slice(0, 120); } L31: function b64url(s) { return Buffer.from(s).toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, ''); } L32:
Critical
Dns Exfiltration

Source appears to send environment or credential material through DNS lookups.

callback.jsView on unpkg · L10
Trigger-reachable chain: scripts.preinstall -> callback.js Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

callback.jsView on unpkg

Findings

2 Critical1 High5 Medium1 Low
CriticalDns Exfiltrationcallback.js
CriticalTrigger Reachable Dangerous Capabilitycallback.js
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present