Affected script: "install-scripts:preinstall"
This script uses curl to send the contents of the '/etc/passwd' file to an external domain, which is very likely an exfiltration attempt. The '/etc/passwd' file contains user account information, which is considered sensitive data. This kind of data transfer could be an attempt to steal user data or conduct reconnaissance for further attacks.
@atea/warranty-form 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.