AI Security Review
scanned 3h ago · by lpm-firewall-aiInstall-time malware runs on npm postinstall and steals credentials, env data, config files, and browser wallet vault data. It exfiltrates to Telegram using an obfuscated bot token/chat id and deletes install.js afterward.
Decision evidence
public snapshot- package.json defines postinstall: node install.js.
- install.js has sandbox checks and a per-host tmp lock before running.
- install.js collects secret-like env vars plus full process.env.
- install.js reads credential files: .npmrc, AWS, git, kube, gcloud, docker, ssh, netrc, env files.
- install.js archives MetaMask/Trust Wallet Chrome extension storage via tar/powershell.
- install.js sends summary and gzipped data/documents to api.telegram.org, then self-deletes.
- index.js only exports require('debug').
- No package-aligned reason for postinstall credential, wallet, or filesystem collection.
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
install.jsView on unpkg · L2