npm · registry.npmjs.org
@askalf/dario
Js Hidden Powershell: Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm | iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers.
Why PkgRadar flagged 4.8.71
| Severity | Signal | Evidence |
|---|---|---|
| high | Js Hidden Powershell | Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm | iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers. · package/dist/runtime-fingerprint.js |
| medium | Remote Payload | matched "curl " · package/dist/runtime-fingerprint.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
4.8.71 | Review | 39 | 2026-06-13 |
4.8.70 | Review | 39 | 2026-06-13 |
4.8.69 | Review | 39 | 2026-06-13 |
4.8.68 | Review | 39 | 2026-06-12 |
4.8.67 | Review | 57 | 2026-06-12 |
4.8.66 | Review | 57 | 2026-06-12 |
4.8.65 | Review | 39 | 2026-06-12 |
4.8.64 | Review | 39 | 2026-06-12 |
4.8.63 | Review | 39 | 2026-06-12 |
4.8.62 | Review | 39 | 2026-06-11 |
4.8.61 | Review | 39 | 2026-06-11 |
4.8.60 | Review | 39 | 2026-06-11 |
4.8.59 | Review | 39 | 2026-06-10 |
4.8.58 | Review | 57 | 2026-06-10 |
4.8.57 | Review | 39 | 2026-06-10 |
4.8.56 | Review | 57 | 2026-06-10 |
4.8.54 | Review | 39 | 2026-06-10 |
4.8.55 | Review | 39 | 2026-06-10 |
4.8.53 | Review | 57 | 2026-06-09 |
4.8.52 | Review | 39 | 2026-06-09 |
4.8.51 | Review | 57 | 2026-06-09 |
4.8.50 | Review | 39 | 2026-06-09 |
4.8.49 | Review | 39 | 2026-06-09 |
4.8.48 | Review | 39 | 2026-06-09 |
4.8.47 | Review | 39 | 2026-06-09 |
4.8.46 | Review | 39 | 2026-06-09 |
4.8.45 | Review | 39 | 2026-06-09 |
4.8.44 | Review | 39 | 2026-06-09 |
4.8.43 | Review | 57 | 2026-06-08 |
4.8.42 | Review | 39 | 2026-06-08 |
4.8.41 | Review | 39 | 2026-06-07 |
4.8.40 | Review | 39 | 2026-06-07 |
4.8.39 | Review | 39 | 2026-06-07 |
4.8.38 | Review | 39 | 2026-06-07 |
4.8.37 | Review | 57 | 2026-06-07 |
4.8.36 | Review | 39 | 2026-06-07 |
4.8.35 | Review | 39 | 2026-06-06 |
4.8.34 | Review | 39 | 2026-06-06 |
4.8.33 | Review | 39 | 2026-06-05 |
4.8.32 | Review | 39 | 2026-06-04 |
4.8.30 | Review | 39 | 2026-06-04 |
4.8.31 | Review | 39 | 2026-06-04 |
4.8.27 | Review | 39 | 2026-06-03 |
4.8.26 | Review | 57 | 2026-06-02 |
4.8.25 | Review | 39 | 2026-06-02 |
4.8.24 | Review | 39 | 2026-06-02 |
4.8.23 | Review | 39 | 2026-06-02 |
4.8.22 | Review | 39 | 2026-05-31 |
4.8.21 | Review | 57 | 2026-05-31 |
4.8.20 | Review | 39 | 2026-05-31 |
4.8.19 | Review | 39 | 2026-05-30 |
4.8.18 | Review | 39 | 2026-05-29 |
4.8.17 | Review | 39 | 2026-05-29 |
4.8.16 | Review | 39 | 2026-05-29 |
4.8.15 | Review | 39 | 2026-05-29 |
4.8.14 | Review | 57 | 2026-05-29 |
4.8.12 | Review | 39 | 2026-05-28 |
4.8.13 | Review | 39 | 2026-05-28 |
4.8.11 | Review | 57 | 2026-05-28 |
4.8.9 | Review | 8 | 2026-05-27 |
4.8.10 | Review | 8 | 2026-05-27 |
Block this in CI
pkgradar gate --ecosystem npm @askalf/[email protected]