AI Security Review
scanned 3h ago · by lpm-firewall-aiThe package executes index.js during npm postinstall and exfiltrates host/user fingerprint data. The destination is a generic webhook.site endpoint, not package-aligned service infrastructure.
Static reason
One or more suspicious static signals were detected.; source fingerprint signature matched known malicious package; routed for review
Trigger
npm install lifecycle postinstall
Impact
Leaks installer username, working directory, hostname, local IP, platform, and timestamp to an external webhook.
Mechanism
install-time host fingerprint exfiltration via HTTPS POST
Attack narrative
On installation, npm runs the postinstall script `node index.js`. That script builds a JSON payload from OS and process metadata, including username, project working directory, hostname, local IPv4 address, platform, and timestamp, then posts it to a webhook.site URL. There is no visible legitimate package behavior that requires this install-time telemetry.
Rationale
Source inspection confirms unconsented install-time collection and exfiltration of host identity data to an unrelated webhook endpoint. This is concrete malicious behavior, not merely dual-use networking.
Evidence
package.jsonindex.js
Network endpoints1
webhook.site/a8cd7fd0-4d41-4806-8649-f3297e94a008
Decision evidence
public snapshotAI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- package.json defines postinstall: node index.js
- index.js runs at install time and immediately sends an HTTPS POST
- index.js collects os.userInfo().username, cwd/INIT_CWD, hostname, local IPv4, platform, timestamp
- Data is exfiltrated to webhook.site /a8cd7fd0-4d41-4806-8649-f3297e94a008
- No package functionality beyond install-time host fingerprint collection and network send
Evidence against
- No credential file reads observed
- No child_process, eval, persistence, destructive actions, or AI-agent config writes observed
Behavioral surface
EnvironmentVarsNetwork
Source & flagged code
3 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node index.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkgindex.jsView file
1const os = require('os');
L2: const https = require('https');
L3:
L4: function localIP() {
L5: const nets = os.networkInterfaces();
L6: for (const iface of Object.values(nets)) {
...
L15: user: os.userInfo().username,
L16: cwd: process.env.INIT_CWD || process.cwd(),
L17: hostname: os.hostname(),
L18: localIP: localIP(),
...
L40:
L41: req.write(payload);
High
Host Fingerprint Exfiltration
Source collects local host identity data and sends it to an external endpoint.
index.jsView on unpkg · L1•matchType = malicious_source_fingerprint_signature
signature = b6b657094c077e81
signatureType = suspicious_hashes
sourceLabel = final_verdict:malicious
matchedPackage = dependency_confusions@99.9.9
matchedPath = index.js
matchedIdentity = npm:ZGVwZW5kZW5jeV9jb25mdXNpb25z:99.9.9
similarity = 1.000
shingleOverlap = 1
summary = package final verdict is malicious
High
Known Malware Source Fingerprint Signature
Source fingerprint signature matches a known malicious package signature; route for source-aware review.
index.jsView on unpkgFindings
3 High2 Medium1 Low
HighInstall Time Lifecycle Scriptspackage.json
HighHost Fingerprint Exfiltrationindex.js
HighKnown Malware Source Fingerprint Signatureindex.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present