Supply-chain threat intelligence

Incident detail

critical · npm · credential theft · osv

Malicious code in npm-sandbox-research-d7e8 (npm)

npm-sandbox-research-d7e8

Risk score

92

AI summary

Indexed incident for npm-sandbox-research-d7e8 (npm).

Description

Package declares a postinstall lifecycle hook ("postinstall": "node run.js") that auto-executes on install. The package ships beacon scripts (beacon12.js, beacon_linux.js) that import child_process, os, and http, collect host identifiers via os.hostname() and os.platform(), and issue outbound HTTP GET/POST requests via http.request() carrying that data off-host. The combination of automatic install-time execution, host enumeration, and unconditional outbound HTTP to non-registry endpoints is a host-beacon / exfiltration pattern that runs on any developer or CI machine that runs npm install against this package.
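A static check for the combination described above, as an added example that is not part of the advisory or the package: it reads an unpacked package directory without executing anything and flags an install hook together with a file that both enumerates the host and makes an outbound HTTP call. The function names, regex patterns and sample files are constructed for illustration.

```javascript
const fs = require("fs");
const os = require("os");
const path = require("path");

// Lifecycle scripts npm runs automatically during `npm install`.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];
// Source patterns for the behaviours the description names (assumed heuristics).
const SIGNALS = {
  childProcess: /['"](node:)?child_process['"]/,
  hostEnum: /\bos\.(hostname|platform)\s*\(/,
  outboundHttp: /\bhttps?\.(request|get)\s*\(/,
};

// Audits the top level of an unpacked package directory (no recursion, no execution).
function auditPackage(dir) {
  const manifest = JSON.parse(fs.readFileSync(path.join(dir, "package.json"), "utf8"));
  const scripts = manifest.scripts || {};
  const hooks = INSTALL_HOOKS.filter((h) => typeof scripts[h] === "string");
  const findings = [];
  for (const name of fs.readdirSync(dir)) {
    if (!/\.[cm]?js$/.test(name)) continue;
    const src = fs.readFileSync(path.join(dir, name), "utf8");
    const hits = Object.keys(SIGNALS).filter((k) => SIGNALS[k].test(src));
    if (hits.length) findings.push({ file: name, hits });
  }
  // Flag the combination only: an install hook plus a file that both
  // enumerates the host and makes an outbound HTTP call.
  const beacon = findings.some(
    (f) => f.hits.includes("hostEnum") && f.hits.includes("outboundHttp"));
  return { hooks, findings, suspicious: hooks.length > 0 && beacon };
}

// Constructed sample input, written to a temp dir; the files are never executed.
function writeSample(files) {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "pkg-audit-"));
  for (const [n, body] of Object.entries(files)) fs.writeFileSync(path.join(dir, n), body);
  return dir;
}

const flagged = auditPackage(writeSample({
  "package.json": JSON.stringify({ name: "sample-a", scripts: { postinstall: "node run.js" } }),
  "beacon_linux.js": "const os = require('os'); const http = require('http');\n" +
    "const id = os.hostname() + os.platform();\nhttp.request({ host: 'example.invalid' });\n",
}));
const clean = auditPackage(writeSample({
  "package.json": JSON.stringify({ name: "sample-b", scripts: { postinstall: "node build.js" } }),
  "build.js": "console.log('compiling');\n",
}));
console.log(flagged.suspicious, clean.suspicious);
```

A package can be fetched for this kind of inspection without running its hooks by using `npm pack` and extracting the tarball, or by installing with `--ignore-scripts`.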

Technical details

Affected versions

=1.0.0

Indicators

  • affected version=1.0.0 (75%)

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg
