registry  /  home-mp-commons  /  999.0.1

home-mp-commons@999.0.1

Placeholder - security research, package name claimed to prevent dependency confusion. Contact: your-email@example.com

AI Security Review

scanned 3h ago · by lpm-firewall-ai

Install-time code contacts an external callback service and includes the local hostname in the request. This is a concrete telemetry/exfiltration action with no package functionality.

Static reason
One or more suspicious static signals were detected.
Trigger
npm package installation
Impact
Exposes install occurrence and host identity to a third party.
Mechanism
postinstall HTTPS hostname beacon
Attack narrative
Installing the package invokes `postinstall.js`. It uses `https.request` to beacon to an OASTify-controlled host, embedding the local machine hostname in the request path, while suppressing request errors. The declared `index.js` entrypoint is absent and the package ships only the postinstall script, so the install-time callback is its only delivered behavior.
Rationale
The package has no delivered runtime implementation but performs an unconsented external hostname beacon during `postinstall`. This is concrete install-time data exfiltration and warrants blocking.
Evidence
package.jsonpostinstall.js
Network endpoints1
jm93mcf6lwbl1ltezpqohn8t0k6bu4it.oastify.com/poc?evt=install&pkg=home-mp-commons&host={hostname}

OSV Corroboration

OpenSSF/OSV
Advisory
MAL-2026-10553
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in home-mp-commons (npm)
Details
home-mp-commons@999.0.3 is an empty npm package (declared main index.js is absent from the tarball) whose sole effect on install is to resolve a single dependency 'ltidisafe' from a hardcoded off-registry URL at https://storage.googleapis.com/bowpentest/pack-home-mp-commons.tgz. On npm install, npm fetches and installs that tarball from an anonymous Google Cloud Storage bucket; any lifecycle scripts or main module inside the fetched tarball then execute on the installer's machine. The bucket contents are mutable and controlled by whoever owns the 'bowpentest' bucket, not by any documented publisher or the npm registry. The package name pattern combined with a 999.x.x version bump and an internal-sounding scope-free name is the canonical dependency-confusion delivery shape: a hollow lure that pulls attacker-controlled code into the installer's node_modules at install time.

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • `package.json` runs `node postinstall.js` automatically on install.
  • `postinstall.js` sends an HTTPS GET request during install.
  • The request transmits the installing machine hostname to an external OAST host.
  • Request errors are silently ignored, reducing visible failure signals.
Evidence against
  • No credential, token, or file-content harvesting was found in inspected sources.
Behavioral surface
Source
Network
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 375 B of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowHigh Entropy Strings