AI Security Review
scanned 3h ago · by lpm-firewall-aiThe Node bundle fingerprints the host during Axios GET requests and sends the data to a local HTTP listener. This is unsolicited telemetry unrelated to an HTTP client’s requested destination.
Decision evidence
public snapshot- `dist/node/axios.cjs` defines `getJsonData()` collecting hostname, OS, CPU/memory, username, Node version, and PID.
- `dist/node/axios.cjs` POSTs that JSON to `127.0.0.1:5000/report` via `http.request`.
- `dist/node/axios.cjs` invokes `sendTelemetry(getJsonData())` for Axios GET requests.
- `lib/core/Axios.js` and `lib/helpers/telemetry.js` add nonstandard telemetry behavior to request flow.
- `dist/esm/axios.min.js.map` references missing `lib/helpers/readJson.js`, indicating shipped-source inconsistency.
- `package.json` has no preinstall, install, or postinstall hook; its only lifecycle hook is `prepare: husky`.
- No source evidence of shell execution, credential-file reads, destructive writes, or AI-agent configuration mutation.
Source & flagged code
7 flagged · loading sourceSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/browser/axios.cjsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/node/axios.cjsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/esm/axios.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/esm/axios.min.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
lib/utils.jsView on unpkg