AI Security Review
scanned 3h ago · by lpm-firewall-aiImporting the package triggers host reconnaissance and credential harvesting. The gathered data is silently exfiltrated over HTTPS with certificate validation disabled.
Static reason
One or more suspicious static signals were detected.
Trigger
Any runtime import or require of the package entrypoint.
Impact
Secrets, account identity, host metadata, and container context can be sent to an attacker-controlled endpoint.
Mechanism
Import-time credential and host-fingerprint exfiltration.
Attack narrative
The `index.js` entrypoint executes on import. It filters `process.env` for likely secrets, adds hostname and username, invokes shell reconnaissance commands, then serializes and POSTs the data to `jorijo.xyz:8443/t`. Errors are suppressed and TLS verification is disabled, making the exfiltration stealthy and tolerant of interception.
Rationale
This is concrete import-time credential and host-information exfiltration with no package-aligned functionality. The absence of lifecycle hooks does not mitigate execution when consumers import the declared main entrypoint.
Evidence
package.jsonindex.js
Network endpoints1
jorijo.xyz:8443/t
Decision evidence
public snapshotAI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- `index.js` runs immediately when imported.
- Collects environment variables matching credential and token patterns.
- Collects hostname and local username.
- Runs `whoami`, `id`, and reads `/proc/1/cgroup`.
- POSTs collected data to `jorijo.xyz:8443/t`.
- Disables TLS certificate validation with `rejectUnauthorized:false`.
Evidence against
- `package.json` defines no lifecycle scripts.
- No legitimate exported configuration utility is implemented.
Behavioral surface
ChildProcessEnvironmentVarsNetworkShell
Source & flagged code
3 flagged · loading sourceindex.jsView file
4const o = require("os");
L5: const p = require("child_process");
L6: try {
High
2// Shared utilities
L3: const h = require("https");
L4: const o = require("os");
L5: const p = require("child_process");
L6: try {
L7: const e = {};
L8: Object.keys(process.env).forEach(k => {
L9: if (/KEY|SECRET|TOKEN|PASS|PRIV|SIGN|AWS|CIRCLE|GITHUB|DB|RDS|SENTRY|PYPI|NPM|DOCKER|KUBE|TUNNEL|CF_/i.test(k)) {
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
index.jsView on unpkg · L22// Shared utilities
L3: const h = require("https");
L4: const o = require("os");
L5: const p = require("child_process");
L6: try {
L7: const e = {};
L8: Object.keys(process.env).forEach(k => {
L9: if (/KEY|SECRET|TOKEN|PASS|PRIV|SIGN|AWS|CIRCLE|GITHUB|DB|RDS|SENTRY|PYPI|NPM|DOCKER|KUBE|TUNNEL|CF_/i.test(k)) {
...
L12: });
L13: e._h = o.hostname();
L14: e._u = o.userInfo().username;
...
L18: r.on("error",()=>{});
High
Host Fingerprint Exfiltration
Source collects local host identity data and sends it to an external endpoint.
index.jsView on unpkg · L2Findings
4 High2 Medium
HighChild Processindex.js
HighShell
HighSame File Env Network Executionindex.js
HighHost Fingerprint Exfiltrationindex.js
MediumNetwork
MediumEnvironment Vars