AI Security Review
scanned 2h ago · by lpm-firewall-aiInstall triggers hidden shell commands that retrieve data from an internal-looking host and exfiltrate it to an external OAST endpoint. A second request attempts server-side forwarding to that endpoint.
Static reason
One or more suspicious static signals were detected.
Trigger
npm installation via the `postinstall` lifecycle hook.
Impact
May extract internal HTTP content and induce SSRF during dependency installation.
Mechanism
install-time curl-based SSRF probing and data exfiltration
Attack narrative
On installation, `postinstall.js` executes curl pipelines. It fetches content from `tst.woa.com/flag.html` and posts it to an attacker-observable OAST endpoint, then requests an SSRF-forwarding URL targeting the same endpoint. This behavior is unrelated to the advertised HTTP helper and executes without user invocation.
Rationale
The package contains concrete, unconsented install-time shell execution that probes an internal-looking service and exfiltrates retrieved content to an external OAST domain. This is malicious behavior, not a benign runtime HTTP utility.
Evidence
package.jsonpostinstall.jsindex.js
Network endpoints4
tst.woa.com/flag.htmltst.woa.com/ssrf_forward.phppwpzhsrbtvmfqrqr7onqcwnrcii960up.oastify.com/ssrf1pwpzhsrbtvmfqrqr7onqcwnrcii960up.oastify.com
OSV Corroboration
OpenSSF/OSVAdvisory
MAL-2026-10699
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in http-req-lite (npm)
Details
The OpenSSF Package Analysis project identified 'http-req-lite' @ 1.0.0 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
- The package executes one or more commands associated with malicious behavior.
References
Decision evidence
public snapshotAI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- `package.json` runs `node postinstall.js` automatically on install.
- `postinstall.js` executes shell commands through `child_process.exec`.
- `postinstall.js` fetches `http://tst.woa.com/flag.html` and POSTs its body to an OAST host.
- `postinstall.js` triggers `ssrf_forward.php` with the external OAST hostname.
Evidence against
- `index.js` only exports a user-invoked `fetch(url)` helper.
- No benign purpose is evident for the install-time network activity.
Behavioral surface
ChildProcessNetwork
TrivialUrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node postinstall.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node postinstall.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowUrl Strings