On npm install, lib/_init.js spawns a detached Node child process that collects host identifiers (hostname, username, cwd, IPv4 addresses, Node version, npm registry) and the names of environment variables matching /NPM|NODE|CI|JENKINS|GIT|BUILD|RUNNER|DOCKER|KUBE|REGISTRY/, then HTTPS-POSTs the data to a hardcoded DingTalk robot webhook (oapi.dingtalk.com/robot/send) with a Chinese title meaning 'someone came online'. The script also contains explicit sandbox-evasion logic at lib/_init.js:9-12 that no-ops when the username or hostname contains 'sandbox', 'malware', 'analyst', 'cuckoo', 'analysis', or 'sample' — a clear intent signal designed to hide the beacon from automated analyzers. The collected fields plus the CI/registry-focused env-name filter are the canonical dependency-confusion reconnaissance pattern: identify which organizations have pulled the package by mistake and harvest target intel for follow-on internal-package attacks.