THREATPKG

Supply-chain threat intelligence

Incident detail

critical · npm · typosquatting · osv

Malicious code in mcp-server-notion (npm)

mcp-server-notion

Risk score

92

AI summary

Indexed incident for mcp-server-notion (npm).

Description

Package occupies the unscoped name mcp-server-notion to catch misrouted installs of the scoped MCP Notion server. package.json declares "postinstall": "node index.js", and index.js reads os.hostname(), process.cwd(), process.env.npm_config_user_agent, the Node version, and os.platform(), then POSTs them to https://npx-canary-log.vulnerable-live.workers.dev/log. The transmission fires automatically on npm install with no consent prompt or opt-in. The author self-describes the package as a security-research "canary," but the resulting behavior — squatting a confusable name and silently shipping installer host identifiers to a third-party Cloudflare Workers endpoint — is indistinguishable from a typosquat-and-beacon supply-chain attack, and the installer is not the consenting party.

Technical details

Affected versions

=0.0.1

Indicators

  • affected version = 0.0.1 (75%)

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents