
@luminarycloudinternal/frodo@9999.0.1

Security research placeholder (Bugcrowd luminarycloud-mbb-od2, submission 10d62a7c). Benign dependency-confusion canary held by researcher account mdpsec. No functional code. Will be unpublished or transferred to Luminary Cloud on request.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

The package has an install-time callback that reports CI and host identifiers to a researcher-controlled endpoint. This is concrete unconsented lifecycle telemetry for dependency-confusion detection.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install / postinstall lifecycle
Impact
CI/project attribution and host metadata are exfiltrated when installed
Mechanism
install-time HTTPS beacon with CI metadata
Attack narrative
On installation, npm runs postinstall.js. The script builds query parameters from npm and CI environment identifiers plus os.hostname(), then sends them to a testingboxes.com callback URL and suppresses errors so install succeeds.
Rationale
Source inspection confirms an unconsented postinstall network beacon that transmits CI/project and host identifiers, matching a dependency-confusion canary rather than inert placeholder code. No broader malware behaviors were found, but install-time exfiltration is enough to block.
Evidence
Files: package.json, postinstall.js, README.md
Network endpoints (1)
poc-luminary-npm-1782987043.testingboxes.com/cb/5457161feaa0f110e5790adead3a652e0a2f40773c6cfb40

Decision evidence

public snapshot
AI called this Malicious at 96.0% confidence as Malware with low false-positive risk.
Evidence for block
  • package.json runs install-time hook: postinstall -> node postinstall.js
  • postinstall.js sends HTTPS GET during install to poc-luminary-npm-1782987043.testingboxes.com
  • postinstall.js transmits npm package, user-agent, CI, GitHub repository, runner, SHA, ref, workflow, and hostname
  • README/package metadata describe this as a dependency-confusion canary for an internal-looking scope
Evidence against
  • postinstall.js does not read arbitrary files or secrets by name
  • No persistence, shell execution, destructive behavior, or AI-agent control-surface writes found
  • Only package files present are package.json, README.md, and postinstall.js
Behavioral surface
Source: EnvironmentVars, Network
Supply chain: HighEntropyStrings, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 1 file(s), 1.25 KB of source, external domains: poc-luminary-npm-1782987043.testingboxes.com

Source & flagged code

2 flagged
package.json
scripts.postinstall = node postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.


Findings

1 High, 3 Medium, 3 Low
High: Install Time Lifecycle Scripts (package.json)
Medium: Ambiguous Install Lifecycle Script (package.json)
Medium: Network
Medium: Environment Vars
Low: Scripts Present
Low: High Entropy Strings
Low: Url Strings