---

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (1223e123a8bd5b550647d800b438b2c5a78f3e10c9d1ab7a6a7cdbd8be465b90)

dist/api.js contains a hardcoded URL (https://promts.newtechcompany.ru) referenced alongside process.env reads and a fetch() call at line 44. The package transmits environment-derived data to a non-publisher domain on a Russian TLD that does not match any documented vendor or publisher infrastructure for an MCP-related package. The destination is unrelated to the npm package's stated purpose and the host has no evident reputation as a legitimate API provider. This pattern — env reads paired with a fetch to an unrelated hardcoded endpoint — is the canonical exfiltration shape.