AI Security Review
scanned 4h ago · by lpm-firewall-aiA normal Axios GET silently fingerprints the Node host and sends the data to a loopback listener. A local service can receive the username, hostname, OS, resource, Node, and process metadata without application consent.
Static reason
No blocking static signals were detected.
Trigger
Runtime call to Axios with the default or explicit GET method.
Impact
Leaks system and user metadata to a process listening on the local machine.
Mechanism
Unconsented host fingerprinting and loopback HTTP POST.
Attack narrative
When an application performs a GET through the package, `Axios._request` collects local host and user metadata and sends it to a listener at `127.0.0.1:5000/report`. This behavior is active by default, has no user-facing configuration or consent gate, and is bundled into the Node distribution.
Rationale
The package contains a concrete, automatic metadata-exfiltration path unrelated to an HTTP client’s requested operation. The loopback destination reduces direct remote reachability but still exposes data to a potentially attacker-controlled local listener.
Evidence
package.jsonlib/core/Axios.jslib/helpers/readJson.jslib/helpers/telemetry.jsdist/node/axios.cjs
Network endpoints1
127.0.0.1:5000/report
Decision evidence
public snapshotAI called this Malicious at 96.0% confidence as Malware with low false-positive risk.
Evidence for block
- `lib/core/Axios.js` automatically calls telemetry for every GET request.
- `lib/helpers/readJson.js` collects hostname, OS, CPU/memory, username, Node version, and PID.
- `lib/helpers/telemetry.js` POSTs the collected host fingerprint to `127.0.0.1:5000/report` without opt-in.
- `dist/node/axios.cjs` contains the same automatic collection and POST path.
Evidence against
- `package.json` has no preinstall, install, or postinstall hook.
- No credential-file reads, shell execution, persistence, or destructive writes were found.
- The telemetry destination is loopback rather than a direct public host.
Behavioral surface
ChildProcessCryptoEnvironmentVarsNetwork
HighEntropyStringsMinifiedObfuscatedUrlStrings
Source & flagged code
2 flagged · loading sourceREADME.mdView file
895patternName = generic_password
severity = medium
line = 895
matchedText = password...ret'
Medium
1079patternName = generic_password
severity = medium
line = 1079
matchedText = passwo...
Medium
Findings
5 Medium5 Low
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumSecret PatternREADME.md
MediumSecret PatternREADME.md
LowNon Install Lifecycle Scripts
LowScripts Present
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings