AI Security Review
scanned 44m ago · by lpm-firewall-aiThe package contains an install-time callback that harvests host/user and IP geolocation data and sends it via DNS to an OAST domain. The name guard mismatch may prevent ordinary gen-ai-opt-in installs from reaching the payload, but the source intent is unconsented install-time data exfiltration.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall lifecycle when guard conditions match
Impact
Leaks username, hostname, public IP, city/region/country, ISP, and org to an attacker-controlled callback domain.
Mechanism
install-time host/user/IP geo collection with DNS exfiltration
Rationale
Source inspection shows a lifecycle script whose primary behavior is collecting local/user and network identity data and exfiltrating it over DNS. The mismatched package-name guard reduces trigger certainty for this exact package name but does not make the embedded install-time exfiltration logic benign. Product guard normalized a non-low false-positive publish_block request to warn-only suspicious.
Evidence
package.jsonpostinstall.jsreadme.md
Network endpoints2
ip-api.com/json/p1r2d74iwjk057raam6myf7e258wzkt8i.oastify.com
Decision evidence
public snapshotAI called this Suspicious at 90.0% confidence as Malware with medium false-positive risk.
Evidence for warning
- package.json defines postinstall: node postinstall.js and main points to postinstall.js
- postinstall.js collects public IP geo data from https://ip-api.com/json/
- postinstall.js collects os.hostname() and os.userInfo().username
- postinstall.js encodes collected values into a DNS lookup to p1r2d74iwjk057raam6myf7e258wzkt8i.oastify.com
- readme.md says "Takeover By lobo" with no legitimate package purpose
Evidence against
- postinstall.js exits unless npm_lifecycle_event and npm_package_name are set
- guard checks npm_package_name === 'ai-gen-ai-opt-in', which does not match package.json name gen-ai-opt-in
- No file writes, child_process, eval, native binaries, or persistence found
Behavioral surface
EnvironmentVarsNetwork
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node postinstall.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node postinstall.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings
LowNo License