environment-secrets-exfiltrator

Fail

Audited by Socket on Mar 18, 2026

2 alerts found:

Malware x2

Malware HIGH
_expected.json

The manifest intentionally documents a component that harvests environment variables and exfiltrates them (Base64-encoded) via HTTP POST. Even without implementation details, the declared behavior demonstrates clear malicious intent and a high likelihood of data-exfiltration capability. Treat this artifact as malicious: block, remove, and investigate any related packages or build artifacts.

Confidence: 75%, Severity: 95%

Malware HIGH
get_info.py

This module is malicious: it intentionally harvests environment variables that match secret-related keywords and exfiltrates them to a hard-coded external server using base64-encoded JSON. Treat as credential-theft/backdoor code. Do not execute. If found in an environment, assume compromise of any exposed secrets, block network traffic to the endpoint, remove the code, and rotate affected credentials and keys.

Confidence: 90%, Severity: 100%

Audit Metadata

Analyzed At: Mar 18, 2026, 03:08 AM
Package URL: pkg:socket/skills-sh/cisco-ai-defense%2Fskill-scanner%2Fenvironment-secrets-exfiltrator%2F@d5087a9206b26db9bd41cf35fe211fab6574dff5