AI Security Review
scanned 3h ago · by lpm-firewall-aiInstall-time code harvests host identity, directory listing, command output, and sensitive local-file contents. It exfiltrates the collected data through a hard-coded Discord webhook.
Decision evidence
public snapshot- package.json runs `node index.js` during `preinstall`.
- index.js collects user, home, host, OS, and current directory data.
- index.js executes `id`, `whoami`, `hostname`, or `systeminfo`.
- index.js attempts to read `/etc/passwd` and Windows SAM paths.
- index.js POSTs collected data to a hard-coded Discord webhook.
- No legitimate package functionality is implemented.
- The bundled .tgz contains only the same manifest and entrypoint.
Source & flagged code
7 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgSource appears to send environment or credential material to an external endpoint.
index.jsView on unpkg · L2A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
index.jsView on unpkg · L2Source collects local host identity data and sends it to an external endpoint.
index.jsView on unpkg · L2Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
index.jsView on unpkg · L2Package ships compressed or archive-like blobs.
google-caja-bower-20.20.20.tgzView on unpkgPackage ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.
google-caja-bower-20.20.20.tgzView on unpkg