onboarding-respects-modal (npm)
Malicious code in onboarding-respects-modal (npm)
Remove it immediately and rotate any exposed credentials.
What this malware does
onboarding-respects-modal is a dependency-confusion proof-of-concept package published to the public npm registry by the account r0binak and self-labeled "Security research PoC - Dependency Confusion Hunter". It was published at the artificially high version 999.99.99: when a private package of the same name exists and the build's registry configuration also consults the public registry, resolvers that pick the highest version satisfying the requested range prefer this public package over the internal one, so the inflated version number alone wins the install. It belongs to the same r0binak dependency-confusion campaign as carousel-controller-mixin (MAL-2026-5856) and setka-editor (MAL-2026-5859). Packages in this campaign declare both preinstall and postinstall hooks that run callback.js on every npm install. The script collects installer identity and environment data (username, uid/gid, hostname, homedir, cwd, platform, Node version, local network interfaces, and the external IP via api.ipify.org) and probes for CI/cloud credential environment variables (AWS_ACCESS_KEY_ID, GITHUB_TOKEN, NPM_TOKEN, DOCKER_PASSWORD) plus GitHub Actions context. The collected data is exfiltrated to a hardcoded Discord webhook and, to defeat egress HTTP filtering on CI networks, over a DNS side-channel: base64-encoded host data is prepended as a subdomain and resolved with dns.resolve(), so the query reaches the attacker's authoritative nameserver even where outbound HTTP is blocked. Regardless of the stated research intent, install-time exfiltration of host data and credential-presence flags is harmful to any pipeline that resolves this name.
For this package specifically, the analysed callback.js behaves as follows. The package name 'onboarding-respects-modal' was published at version 999.99.99 to win dependency resolution against a private internal package of the same name. Its package.json declares both preinstall and postinstall lifecycle hooks that execute callback.js, which collects the installer's user info (username, uid/gid, homedir, shell), hostname, local and external IPs (the latter via https://api.ipify.org), a CI-detection flag, and the entire process.env object with no redaction (the source comments explicitly note that nothing is masked), then POSTs the JSON payload over plain HTTP to the hardcoded bare-IP endpoint http://132.243.20.244:8000/api/collect. Any installer that pulls this package, particularly in CI, therefore leaks every secret in the job environment (GITHUB_TOKEN, NPM_TOKEN, AWS_*, and so on) to the attacker-controlled host, and because the transport is unencrypted HTTP the same payload is readable by anyone on the network path. The README's 'security research PoC' label does not change the installer impact: the package is live on the public registry and the exfiltration fires unconditionally on npm install.
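The install-time hook mechanism described above is the part a responder can check directly: npm runs a dependency's preinstall, install and postinstall scripts during npm install unless ignore-scripts is set, so listing which installed packages declare such scripts, and whether the installing configuration would have run them, tells you whether a payload like callback.js could have fired. The following is an added example written for this advisory, not code from the package, from O3 or from any of the credited finders. The node_modules tree is constructed inline as parsed package.json objects; the package names other than onboarding-respects-modal, all script commands, and the npm configuration values are made up for illustration.

```javascript
// Added example (not the package's or O3's code): enumerate install-time
// lifecycle scripts in an installed tree and decide whether a given npm
// configuration would have executed them.

// Hooks npm runs for a registry dependency during `npm install`. `prepare` is
// deliberately excluded: it runs for the root project and git dependencies,
// not for dependencies fetched as registry tarballs.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// manifests: { 'node_modules/<name>/package.json': <parsed package.json> }
function findInstallHooks(manifests) {
  const hits = [];
  for (const [path, pkg] of Object.entries(manifests)) {
    const scripts = pkg.scripts || {};
    const hooks = INSTALL_HOOKS.filter((h) => typeof scripts[h] === 'string');
    if (hooks.length === 0) continue;
    hits.push({
      name: pkg.name,
      version: pkg.version,
      path,
      hooks: hooks.map((h) => ({ hook: h, command: scripts[h] })),
      // A hook that runs a JS file shipped inside the tarball (e.g. "node callback.js")
      // is the first thing to read when triaging; native-addon builds look different.
      runsLocalScript: hooks.some((h) => /\bnode\s+\S+\.c?js\b/.test(scripts[h])),
    });
  }
  return hits;
}

// npm skips every lifecycle script when ignore-scripts is set, whether via the
// CLI flag, .npmrc, or the npm_config_ignore_scripts environment variable.
function hooksWouldRun(npmConfig) {
  const v = npmConfig['ignore-scripts'];
  return !(v === true || v === 'true');
}

function assess(manifests, npmConfig) {
  const hits = findInstallHooks(manifests);
  return { hits, executed: hooksWouldRun(npmConfig) && hits.length > 0 };
}

// Constructed sample tree (not real artifacts). Only onboarding-respects-modal's
// hook names and script target follow the advisory text; the rest is invented.
const SAMPLE_TREE = {
  'node_modules/lodash/package.json': { name: 'lodash', version: '4.17.21' },
  'node_modules/native-addon-example/package.json': {
    name: 'native-addon-example', version: '2.0.0',
    scripts: { install: 'node-gyp rebuild', test: 'mocha' },
  },
  'node_modules/onboarding-respects-modal/package.json': {
    name: 'onboarding-respects-modal', version: '999.99.99',
    scripts: { preinstall: 'node callback.js', postinstall: 'node callback.js' },
  },
};

// Two configurations: a default install, and one where scripts were disabled.
function assessSamples() {
  return {
    defaultInstall: assess(SAMPLE_TREE, {}),
    scriptsDisabled: assess(SAMPLE_TREE, { 'ignore-scripts': true }),
  };
}

console.log(JSON.stringify(assessSamples(), null, 2));
```

In a real investigation, build the manifests map by walking node_modules (including nested node_modules directories) and reading each package.json; the verdict for the "default install" case is what matters, because a CI job that installed this package without ignore-scripts has already run callback.js twice, once per hook.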
Malicious versions
Indicators of compromise (SHA-256)
Detection & response playbook
Credential / info stealer
Find it
Scan your lockfiles (package-lock.json, npm-shrinkwrap.json, pnpm-lock.yaml, yarn.lock) and build artifacts (installed node_modules trees, bundles, container images) for onboarding-respects-modal at version 999.99.99. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging onboarding-respects-modal across your stack and pipelines.
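A lockfile scan can do more than match the one known name and version. Because the attack described above works by getting a private package name resolved from the public registry, the lockfile's resolved URLs also reveal whether any package under your private scope was fetched from registry.npmjs.org, and a major version like 999 is itself a bait signature. The following is an added example written for this advisory, not O3's scanner and not the package's code. It parses package-lock.json (lockfileVersion 1, 2 or 3) and yarn.lock v1; the private scope @acme, the version-number heuristic, and both sample lockfiles are constructed for illustration.

```javascript
// Added example (not O3's or the package's code): audit npm lockfiles for
// (a) the known-malicious name/version, (b) private-scope packages resolved
// from the public registry (the dependency-confusion symptom), and
// (c) implausibly high major versions. '@acme' and the samples are made up.
const MALICIOUS = { 'onboarding-respects-modal': ['999.99.99'] };
const INTERNAL_SCOPES = ['@acme'];                    // assumption: your private scope(s)
const PUBLIC_HOSTS = ['registry.npmjs.org', 'registry.yarnpkg.com'];
const MAX_PLAUSIBLE_MAJOR = 100;                      // heuristic threshold

// package-lock.json: lockfileVersion 1 nests "dependencies"; 2/3 flatten to
// "packages" keyed by the node_modules path (the "" key is the root project).
function entriesFromPackageLock(json) {
  const lock = JSON.parse(json);
  const out = [];
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === '') continue;
      const idx = path.lastIndexOf('node_modules/');
      const name = path.slice(idx + 'node_modules/'.length);
      out.push({ name, version: meta.version || '', resolved: meta.resolved || '' });
    }
  } else if (lock.dependencies) {
    const walk = (deps) => {
      for (const [name, meta] of Object.entries(deps)) {
        out.push({ name, version: meta.version || '', resolved: meta.resolved || '' });
        if (meta.dependencies) walk(meta.dependencies);
      }
    };
    walk(lock.dependencies);
  }
  return out;
}

// yarn.lock v1: an unindented `spec, spec:` header line, then indented
// `version "..."` and `resolved "..."` lines for that package.
function entriesFromYarnLock(text) {
  const out = [];
  let cur = null;
  for (const raw of text.split('\n')) {
    if (!raw.trim() || raw.startsWith('#')) continue;
    if (!/^\s/.test(raw) && raw.endsWith(':')) {
      const spec = raw.slice(0, -1).split(',')[0].trim().replace(/^"|"$/g, '');
      const at = spec.indexOf('@', 1);                 // skip the '@' of a scoped name
      cur = { name: spec.slice(0, at), version: '', resolved: '' };
      out.push(cur);
    } else if (cur) {
      const m = raw.trim().match(/^(version|resolved) "?([^"]+)"?$/);
      if (m) cur[m[1]] = m[2];
    }
  }
  return out;
}

function auditEntries(entries) {
  const findings = [];
  for (const e of entries) {
    const reasons = [];
    if ((MALICIOUS[e.name] || []).includes(e.version)) reasons.push('known-malicious');
    const fromPublic = PUBLIC_HOSTS.some((h) => e.resolved.includes(h));
    if (fromPublic && INTERNAL_SCOPES.some((s) => e.name.startsWith(s + '/')))
      reasons.push('private-scope-resolved-from-public-registry');
    if (parseInt(e.version, 10) >= MAX_PLAUSIBLE_MAJOR) reasons.push('implausible-major-version');
    if (reasons.length) findings.push({ name: e.name, version: e.version, reasons });
  }
  return findings;
}

// Constructed sample lockfiles (not real artifacts).
const SAMPLE_PACKAGE_LOCK = JSON.stringify({
  name: 'app', lockfileVersion: 3, packages: {
    '': { name: 'app', version: '1.0.0' },
    'node_modules/lodash': { version: '4.17.21', resolved: 'https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz' },
    'node_modules/@acme/internal-widget': { version: '1.0.0', resolved: 'https://registry.npmjs.org/@acme/internal-widget/-/internal-widget-1.0.0.tgz' },
    'node_modules/onboarding-respects-modal': { version: '999.99.99', resolved: 'https://registry.npmjs.org/onboarding-respects-modal/-/onboarding-respects-modal-999.99.99.tgz' },
  },
});
const SAMPLE_YARN_LOCK = [
  '# yarn lockfile v1', '',
  'lodash@^4.17.21:', '  version "4.17.21"',
  '  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#abc"', '',
  '"onboarding-respects-modal@*":', '  version "999.99.99"',
  '  resolved "https://registry.yarnpkg.com/onboarding-respects-modal/-/onboarding-respects-modal-999.99.99.tgz#def"',
].join('\n');

function auditSamples() {
  return {
    npm: auditEntries(entriesFromPackageLock(SAMPLE_PACKAGE_LOCK)),
    yarn: auditEntries(entriesFromYarnLock(SAMPLE_YARN_LOCK)),
  };
}

console.log(JSON.stringify(auditSamples(), null, 2));
```

Run it over real lockfiles by reading them with fs.readFileSync and passing the text to the matching parser. The private-scope check is the one that generalises: it catches the next bait package before its name is on any blocklist, provided every internal package lives under a scope you control and that scope is pinned to your private registry in .npmrc.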
If you installed it — respond
onboarding-respects-modal is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If onboarding-respects-modal was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks onboarding-respects-modal before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.
Frequently asked questions
Campaign
References
Credits
- Amazon Inspector · finder
- SafeDep · finder
Detect & block this
O3 blocks onboarding-respects-modal-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.