registry  /  @iana-rzms/bff-sdk  /  1.0.0

@iana-rzms/bff-sdk@1.0.0

AUTHORIZED SECURITY-RESEARCH PLACEHOLDER — dependency-confusion PoC for the ICANN bug bounty program. Namespace defensively reserved. Performs only a benign install-time callback (hostname/user/cwd) to confirm resolution; takes no other action. Not a func

AI Security Review

scanned 2h ago · by lpm-firewall-ai

An npm preinstall hook exfiltrates install-host identity and the current working directory before package use. It uses HTTP, HTTPS, and DNS fallback channels.

Static reason
One or more suspicious static signals were detected.
Trigger
Installing `@iana-rzms/bff-sdk@1.0.0`.
Impact
Discloses CI/developer hostname, username, project path, and package resolution to a researcher-controlled host.
Mechanism
install-time host metadata beacon
Attack narrative
On installation, `preinstall.js` gathers `os.hostname()`, `os.userInfo().username` (or `USER`), and `process.cwd()`. It base64-encodes those values and sends them to an OAST host via HTTPS, HTTP fallback, and DNS lookup. The hook suppresses failures and terminates quietly, so installations can complete despite the outbound callback.
Rationale
This is concrete unconsented install-time telemetry exfiltration, not merely a dormant capability. The inert runtime module does not mitigate the preinstall beacon.
Evidence
package.jsonpreinstall.jsindex.jsindex.d.tsREADME.md
Network endpoints2
k4pzh6vg78iub3vxqhmml2q8wz2qqge5.oastify.compoc.k4pzh6vg78iub3vxqhmml2q8wz2qqge5.oastify.com

Decision evidence

public snapshot
AI called this Malicious at 97.0% confidence as Malware with low false-positive risk.
Evidence for block
  • `package.json` runs `node preinstall.js` during installation.
  • `preinstall.js` collects hostname, OS username, and working directory.
  • `preinstall.js` encodes and sends that data by HTTPS and HTTP GET.
  • `preinstall.js` also performs DNS lookup to `poc.k4pzh6vg78iub3vxqhmml2q8wz2qqge5.oastify.com`.
  • Install errors are swallowed, making the beacon non-blocking.
Evidence against
  • `index.js` is an inert `mergeHeaders` no-op.
  • No file writes, shell execution, secret-file reads, or remote code loading were found.
Behavioral surface
Source
EnvironmentVarsNetwork
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 2.86 KB of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.preinstall = node preinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.preinstall = node preinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High3 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowHigh Entropy Strings