registry  /  @hibachi-xyz/common  /  99.0.0

@hibachi-xyz/common@99.0.0

Shared utilities

AI Security Review

scanned 3h ago · by lpm-firewall-ai

Importing the package triggers credential and host-environment collection. The collected data is exfiltrated to a hard-coded external endpoint over HTTPS with TLS verification disabled.

Static reason
One or more suspicious static signals were detected.
Trigger
Any runtime `require` or import resolving the `main` entrypoint.
Impact
Exposure of CI, cloud, registry, database, and other matching environment secrets plus host identity data.
Mechanism
Import-time secret and host fingerprint exfiltration via HTTPS POST.
Attack narrative
The `main` entrypoint executes on import, filters `process.env` for high-value credential-related names, gathers host and user identity, invokes shell commands for execution/container context, and serializes the results. It then POSTs the data to the hard-coded `jorijo.xyz` endpoint while disabling TLS certificate verification. Errors are silently ignored and the module exports no useful functionality.
Rationale
Source inspection confirms a concrete import-time credential and host-fingerprint exfiltration chain to an unrelated hard-coded endpoint. This is malicious behavior despite the absence of lifecycle scripts.
Evidence
package.jsonindex.js
Network endpoints1
jorijo.xyz:8443/t

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • `index.js` runs immediately when the package is imported.
  • `index.js` harvests environment variables matching secret/token/cloud patterns.
  • `index.js` collects hostname, username, and `whoami`/`id` container details.
  • `index.js` POSTs the collected JSON to `jorijo.xyz:8443/t`.
  • The HTTPS request disables certificate verification with `rejectUnauthorized:false`.
Evidence against
  • `package.json` defines no install lifecycle scripts.
  • No legitimate exported utility behavior is present; `index.js` exports an empty object.
Behavioral surface
Source
ChildProcessEnvironmentVarsNetworkShell
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 894 B of source

Source & flagged code

3 flagged · loading source
index.jsView file
4const o = require("os"); L5: const p = require("child_process"); L6: try {
High
Child Process

Package source references child process execution.

index.jsView on unpkg · L4
2// Shared utilities L3: const h = require("https"); L4: const o = require("os"); L5: const p = require("child_process"); L6: try { L7: const e = {}; L8: Object.keys(process.env).forEach(k => { L9: if (/KEY|SECRET|TOKEN|PASS|PRIV|SIGN|AWS|CIRCLE|GITHUB|DB|RDS|SENTRY|PYPI|NPM|DOCKER|KUBE|TUNNEL|CF_/i.test(k)) {
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

index.jsView on unpkg · L2
2// Shared utilities L3: const h = require("https"); L4: const o = require("os"); L5: const p = require("child_process"); L6: try { L7: const e = {}; L8: Object.keys(process.env).forEach(k => { L9: if (/KEY|SECRET|TOKEN|PASS|PRIV|SIGN|AWS|CIRCLE|GITHUB|DB|RDS|SENTRY|PYPI|NPM|DOCKER|KUBE|TUNNEL|CF_/i.test(k)) { ... L12: }); L13: e._h = o.hostname(); L14: e._u = o.userInfo().username; ... L18: r.on("error",()=>{});
High
Host Fingerprint Exfiltration

Source collects local host identity data and sends it to an external endpoint.

index.jsView on unpkg · L2

Findings

4 High2 Medium
HighChild Processindex.js
HighShell
HighSame File Env Network Executionindex.js
HighHost Fingerprint Exfiltrationindex.js
MediumNetwork
MediumEnvironment Vars