npm · registry.npmjs.org
ciphernest
Webhook Exfil Endpoint: matched "webhook.site"
Why PkgRadar flagged 0.8.6
| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "webhook.site" · package/packages/mcp-gateway/dist/index.js |
| high | DNS / OAST exfiltration | matched "canarytokens.com" · package/packages/mcp-gateway/dist/index.js |
| high | DNS / OAST exfiltration | matched "canarytokens.com" · package/packages/mcp-gateway/src/index.ts |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.8.6 | High risk | 125 | 2026-06-05 |
0.8.4 | High risk | 125 | 2026-06-05 |
0.8.0 | High risk | 125 | 2026-06-05 |
0.5.0 | Review | 30 | 2026-06-04 |
0.7.0 | Low risk | 0 | 2026-06-04 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]