AI Security Review
scanned 3h ago · by lpm-firewall-aiImporting the package triggers credential and host-environment collection. The collected data is exfiltrated to a hard-coded external endpoint over HTTPS with TLS verification disabled.
Static reason
One or more suspicious static signals were detected.
Trigger
Any runtime `require` or import resolving the `main` entrypoint.
Impact
Exposure of CI, cloud, registry, database, and other matching environment secrets plus host identity data.
Mechanism
Import-time secret and host fingerprint exfiltration via HTTPS POST.
Attack narrative
The `main` entrypoint executes on import, filters `process.env` for high-value credential-related names, gathers host and user identity, invokes shell commands for execution/container context, and serializes the results. It then POSTs the data to the hard-coded `jorijo.xyz` endpoint while disabling TLS certificate verification. Errors are silently ignored and the module exports no useful functionality.
Rationale
Source inspection confirms a concrete import-time credential and host-fingerprint exfiltration chain to an unrelated hard-coded endpoint. This is malicious behavior despite the absence of lifecycle scripts.
Evidence
package.jsonindex.js
Network endpoints1
jorijo.xyz:8443/t
Decision evidence
public snapshotAI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- `index.js` runs immediately when the package is imported.
- `index.js` harvests environment variables matching secret/token/cloud patterns.
- `index.js` collects hostname, username, and `whoami`/`id` container details.
- `index.js` POSTs the collected JSON to `jorijo.xyz:8443/t`.
- The HTTPS request disables certificate verification with `rejectUnauthorized:false`.
Evidence against
- `package.json` defines no install lifecycle scripts.
- No legitimate exported utility behavior is present; `index.js` exports an empty object.
Behavioral surface
ChildProcessEnvironmentVarsNetworkShell
Source & flagged code
3 flagged · loading sourceindex.jsView file
4const o = require("os");
L5: const p = require("child_process");
L6: try {
High
2// Shared utilities
L3: const h = require("https");
L4: const o = require("os");
L5: const p = require("child_process");
L6: try {
L7: const e = {};
L8: Object.keys(process.env).forEach(k => {
L9: if (/KEY|SECRET|TOKEN|PASS|PRIV|SIGN|AWS|CIRCLE|GITHUB|DB|RDS|SENTRY|PYPI|NPM|DOCKER|KUBE|TUNNEL|CF_/i.test(k)) {
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
index.jsView on unpkg · L22// Shared utilities
L3: const h = require("https");
L4: const o = require("os");
L5: const p = require("child_process");
L6: try {
L7: const e = {};
L8: Object.keys(process.env).forEach(k => {
L9: if (/KEY|SECRET|TOKEN|PASS|PRIV|SIGN|AWS|CIRCLE|GITHUB|DB|RDS|SENTRY|PYPI|NPM|DOCKER|KUBE|TUNNEL|CF_/i.test(k)) {
...
L12: });
L13: e._h = o.hostname();
L14: e._u = o.userInfo().username;
...
L18: r.on("error",()=>{});
High
Host Fingerprint Exfiltration
Source collects local host identity data and sends it to an external endpoint.
index.jsView on unpkg · L2Findings
4 High2 Medium
HighChild Processindex.js
HighShell
HighSame File Env Network Executionindex.js
HighHost Fingerprint Exfiltrationindex.js
MediumNetwork
MediumEnvironment Vars