
mapkit-loader@1.0.0

⚠️ SECURITY RESEARCH — Apple Bug Bounty npx confusion PoC. The correct package is @apple/mapkit-loader.

AI Security Review

scanned 4h ago · by lpm-firewall-ai

The package has install-time and CLI/import-time telemetry that creates a stable local identifier and phones home. It is a dependency-confusion PoC with unconsented execution tracking, but no credential theft or remote code execution was found.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall, npx/CLI execution, or requiring the package
Impact
Tracks installation or execution of the package and sends proof-of-execution metadata off-machine.
Mechanism
dependency-confusion telemetry pingback with persistent identifier
Attack narrative
Installing the package runs postinstall.js, which creates or reads a UUID under the user cache directory and POSTs it, together with the package version, trigger type, and a timestamp, to an Azure endpoint. Running index.js (the package's bin/main entry point) performs the same pingback with a different "via" value, then prints a warning that the correct package is @apple/mapkit-loader.
Rationale
Direct inspection confirms lifecycle-triggered dependency-confusion tracking and outbound telemetry, which is risky and unconsented but bounded to proof-of-execution metadata. No source evidence shows secret harvesting, destructive behavior, persistence beyond the ID file, AI-agent control mutation, or remote code execution.
Evidence
  • package.json
  • postinstall.js
  • index.js
  • README.md
  • $XDG_CACHE_HOME/.mapkit-loader-id
  • ~/.cache/.mapkit-loader-id
Network endpoints (1)
npx-monitor-76056.azurewebsites.net/api/pingback

Decision evidence

public snapshot
AI called this Suspicious at 91.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: node postinstall.js
  • postinstall.js runs install-time HTTPS POST telemetry
  • index.js (the bin/main entry point) also runs HTTPS POST telemetry
  • Both JS files create/reuse a persistent cache ID .mapkit-loader-id
  • README and source identify package as npx confusion PoC for @apple/mapkit-loader
Evidence against
  • Payload fields are limited to id, ver, via, and timestamp
  • No shell execution, eval/vm/Function, dynamic code loading, or native binary loading found
  • No credential, broad env, npmrc, SSH, or filesystem harvesting found
  • User-facing output warns this is not Apple's official package
Behavioral surface
  • Source: Crypto, Environment Vars, Filesystem, Network
  • Supply chain: Url Strings
  • Manifest: no manifest risk signals triggered.
scanned 2 file(s), 3.98 KB of source, external domains: npmjs.com

Source & flagged code

2 flagged

package.json
scripts.postinstall = node postinstall.js
High: Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node postinstall.js
Medium: Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.

Findings

1 High, 3 Medium, 3 Low
  • High: Install Time Lifecycle Scripts (package.json)
  • Medium: Ambiguous Install Lifecycle Script (package.json)
  • Medium: Network
  • Medium: Environment Vars
  • Low: Scripts Present
  • Low: Filesystem
  • Low: Url Strings