AI Security Review
scanned 1h ago · by lpm-firewall-aiA lifecycle-triggered script fingerprints the host and exfiltrates it over HTTPS. The package has no apparent functional purpose beyond this collection.
Static reason
One or more suspicious static signals were detected.
Trigger
npm lifecycle execution of `prepare` runs `node index.js`.
Impact
Leaks local username, hostname, project path, and LAN IPv4 address to a third-party endpoint.
Mechanism
host fingerprint collection followed by HTTPS POST exfiltration
Attack narrative
The `prepare` hook executes `index.js`, which reads OS and environment-derived host identity data, serializes it, and POSTs it to `crabbing-thong-overhung.ngrok-free.dev`. Errors are intentionally ignored, and the package contains no apparent legitimate behavior to justify this unsolicited telemetry.
Rationale
Direct source inspection confirms lifecycle-triggered host fingerprint exfiltration to an unrelated external endpoint. This is concrete malicious data collection, not a scanner-only inference.
Evidence
package.jsonindex.js
Network endpoints1
crabbing-thong-overhung.ngrok-free.dev
Decision evidence
public snapshotAI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- `package.json` defines `prepare: node index.js || true`.
- `index.js` collects username, hostname, working directory, and local IPv4 address.
- `index.js` POSTs the collected JSON to an unrelated ngrok endpoint.
- The error handler suppresses request failures.
Evidence against
- Only `package.json` and `index.js` are present; no benign package functionality is implemented.
- No user-invoked command or documented consent gate protects the collection.
Behavioral surface
EnvironmentVarsNetwork
UrlStrings
NoLicense
Source & flagged code
1 flagged · loading sourceindex.jsView file
1const os = require('os');
L2: const https = require('https');
L3:
L4: function localIP() {
L5: const nets = os.networkInterfaces();
L6:
...
L17: user: os.userInfo().username,
L18: cwd: process.env.INIT_CWD || process.cwd(),
L19: hostname: os.hostname(),
L20: ip: localIP(),
...
L34: req.on('error', () => {});
L35: req.write(payload);
High
Host Fingerprint Exfiltration
Source collects local host identity data and sends it to an external endpoint.
index.jsView on unpkg · L1Findings
1 High2 Medium4 Low
HighHost Fingerprint Exfiltrationindex.js
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowUrl Strings
LowNo License