create-mono-package @0.0.0

Summary

The package's postinstall hook (.prepare.cjs) collects host fingerprint data (os.hostname(), os.userInfo().username, platform/arch, all non-internal network interface IPs, npm registry) plus a full dump of process.env (only keys prefixed with npm_lifecycle are filtered out) and HTTPS-POSTs the JSON payload to open.larksuite.com. Both the destination host and URL path are obfuscated: the hostname is built from a reversed charcode array with a -7 offset ( _hostDecoder ), and the path is XOR-decoded against key Zk9x ( _pathDecoder ). The send is wrapped in extensive sandbox/honeypot evasion — the script silently process.exit(0) s when env keys match analysis-pipeline prefixes (SANDYCLAW_, OPENCLAW_, PERMISO_, CHAINRADAR_, PYPI_POISON_, ASPECT_TLOG, THREAT_ANALYZER_MODEL) or when hostname/username matches patterns like detonat/cuckoo/virus/scan, and dummy values for GITHUB_TOKEN/NPM_TOKEN/AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY are explicitly skipped to avoid honeypots. On a real developer or CI machine, npm install create-mono-package ships every credential present in the environment (GitHub PATs, npm publish tokens, AWS keys, CI secrets, DB URIs) to the attacker-controlled Lark endpoint.

Source: amazon-inspector (85402ef2db7bfd9e2bb01034a533e52649cf6058cc1e824e9c273aee5ae8121d)