AI Security Review
scanned 3h ago · by lpm-firewall-aiInstall-time lifecycle hooks perform an out-of-band dependency-confusion beacon. The beacon exfiltrates host-identifying environment and network metadata to a researcher-controlled endpoint without installer consent.
Decision evidence
public snapshot- package.json defines preinstall and postinstall hooks running callback.js.
- callback.js collects hostname, username, cwd, __dirname, platform, internal IPv4s, and npm registry.
- callback.js sends collected host data to qmktj627.instances.httpworkbench.com via DNS and HTTP/HTTPS POST.
- README/package metadata describe this as dependency-confusion proof-of-execution for an internal-looking package scope.
- index.js is a no-op Proxy stub and does not collect data on import.
- No file reads beyond package.json and no destructive filesystem actions observed.
- No child_process, eval, dynamic code loading, native binaries, or persistence observed.
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource appears to send environment or credential material through DNS lookups.
callback.jsView on unpkg · L10A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
callback.jsView on unpkg