On npm install, the package's postinstall hook (node install.js) fetches a platform-specific executable from http://156.226.174.161:8888/binaries/tunnel-client-* over plaintext HTTP, writes it to the package's bin/ directory, and chmod 0755s it. The download URL is hardcoded to a bare IP address, uses cleartext HTTP (no TLS), is not pinned to a version, and the fetched bytes are never hash- or signature-verified before being made executable. The cli.js fallback performs the same unverified download on first CLI invocation if the binary is missing. Any on-path network attacker between the installer and 156.226.174.161 — or any future operator of that IP — can substitute arbitrary native code that will then run on the installer's machine. The destination is not a known runtime CDN, not the package publisher's own infrastructure, and the package's stated purpose (a tunnel client) does not justify forgoing TLS or integrity verification. Separately, the README ships plaintext admin credentials for the author's own tunnel server, which is author self-harm and not the basis for this block.