@test20250424/invoice-doc-extractor
Unknown developer
Threat Summary
Key Security Threats
YARA rule match: -postinstall_system_command
/tmp/extract-a5904d2dd722642f7d6e6ef481c233af6eab53ab5edddaaf0e8fb35ae1b872b9-237453607/README.md
YARA rule match: -UsingCommandLineArguments
/tmp/extract-a5904d2dd722642f7d6e6ef481c233af6eab53ab5edddaaf0e8fb35ae1b872b9-237453607/dist/cli.js
YARA rule match: -postinstall_system_command
/tmp/extract-a5904d2dd722642f7d6e6ef481c233af6eab53ab5edddaaf0e8fb35ae1b872b9-237453607/dist/cli.js
YARA rule match: -postinstall_registry_modification
/tmp/extract-a5904d2dd722642f7d6e6ef481c233af6eab53ab5edddaaf0e8fb35ae1b872b9-237453607/package.json
All Findings (17)
View all 17 security findings
YARA rule match: -postinstall_system_command
YARA rule match: -UsingCommandLineArguments
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_registry_modification
MCP tool poisoning risk: FILESYSTEM-ACCESS-dist/handler.js-7
MCP tool poisoning risk: FILESYSTEM-ACCESS-dist/handler.js-11
MCP tool poisoning risk: FILESYSTEM-ACCESS-dist/tools/invoice_doc_extractor.js-6
XIOC detected Domain: request.id
XIOC detected Domain: invoice-guidelines.md
XIOC detected Domain: example.com
XIOC detected Domain: registry.npmjs.org
XIOC detected Email: [email protected]
XIOC detected URL: https://registry.npmjs.org/
MCP tool poisoning risk: FILESYSTEM-ACCESS-dist/tools/invoice_doc_extractor.js-35
HASH-6c77c954e81088f2
HASH-c161b002887507c7
HASH-f561e51bbccc02d9
Recommended Action
This extension has significant security concerns that warrant careful review. Consider uninstalling or finding a safer alternative. If you must use it, limit the permissions and monitor for suspicious activity.