diff --git a/exposures/configs/package-json.yaml b/http/exposures/configs/package-json.yaml
similarity index 61%
rename from exposures/configs/package-json.yaml
rename to http/exposures/configs/package-json.yaml
index bb82784c2b..d2c019d432 100644
--- a/exposures/configs/package-json.yaml
+++ b/http/exposures/configs/package-json.yaml
@@ -1,20 +1,25 @@
 id: package-json
 
 info:
-  name: npm package.json disclosure
+  name: NPM package.json Disclosure
   author: geeknik,afaq,noraj
   severity: info
-  description: All NodeJS packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project generated by package managers such as npm, yarn, pnpm.
+  description: |
+    All NodeJS packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project generated by package managers such as npm, yarn, pnpm.
   reference:
     - https://docs.npmjs.com/cli/v9/configuring-npm/package-json
     - https://classic.yarnpkg.com/lang/en/docs/package-json/
     - https://pnpm.io/package_json
-  tags: config,exposure
+  metadata:
+    max-request: 2
+    verified: true
+  tags: config,exposure,node,npm
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/package.json"
+      - "{{BaseURL}}/package-lock.json"
 
     matchers-condition: and
     matchers:
@@ -25,9 +30,9 @@ requests:
         condition: and
 
       - type: word
+        part: header
         words:
           - "application/json"
-        part: header
 
       - type: status
         status: