THREATPKG

Supply-chain threat intelligence

Incident detail

critical · npm · credential theft · osv

Malicious code in etherproxy-lite (npm)

etherproxy-lite

Risk score

92

AI summary

Indexed incident for etherproxy-lite (npm).

Description


-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (5756836b470f645f316696cbaedb1aedc21cde7fc921714bfbf70f2d528ad5b4)

The bundled dist/index.js reads process.env values and posts data to https://api.telegram.org via a hardcoded fetch call (line 97), with additional POST/fetch primitives at lines 63, 69, and 98. The Telegram bot API endpoint pattern (api.telegram.org/bot/sendMessage) is a well-documented exfiltration channel used to deliver harvested credentials and host data to an attacker-controlled bot, leveraging Telegram's TLS infrastructure to defeat domain blocking. Combined with the require("fs") + require("http") + process.env reads in the same module, the package's behavior is environment harvesting and outbound exfiltration on use. Installing or loading this package routes installer-side environment variables to an attacker-controlled Telegram bot.

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg
