On npm install, index.js runs as a preinstall hook and POSTs hostname, username, platform, architecture, cwd, CI flags, and npm user-agent to https://webhook.site/40b5f3e2-4072-4f2c-b259-0ecb531755d7. The same script then probes Google's internal SSO proxy at http://uberproxy.corp.google.com/procz and the GCE metadata endpoint http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token (with the required Metadata-Flavor: Google header) and forwards any 200 response — including GCE service-account tokens — plus hostname, id, and uname -a output to the same webhook. The package presents itself with a generic Jupyter description and the placeholder author 'IPython Development Team' but ships no functional code matching that description; the name and metadata are consistent with a dependency-confusion lure aimed at Google internal builds.