Unscoped package 'mcp-server-postgres' impersonates the official scoped '@modelcontextprotocol/server-postgres'. package.json declares a postinstall hook (node index.js) that fires automatically on npm install. index.js requires os, https, and http, then collects host identifiers — os.hostname(), os.platform(), process.cwd(), the npm user-agent, and the Node.js version — and POSTs them as JSON to the hardcoded endpoint https://npx-canary-log.vulnerable-live.workers.dev/log. Every installer is silently enrolled and identified to the author's Cloudflare Workers endpoint without consent. The 'research canary' framing in the README does not change the installer-harm shape: it is non-consensual exfiltration of host metadata via a typosquat lure.