PkgRadar

npm · registry.npmjs.org

@bjsdistribution/dms-client-return

Remote Payload: matched "cUrl "

Why PkgRadar flagged 0.1.57-prod

SeveritySignalEvidence
mediumRemote Payloadmatched "cUrl " · package/dist/dms-client-return.cjs.development.js

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.61-prodLow risk02026-06-11
0.1.5-prodLow risk02026-06-11
0.3.83-stagingLow risk02026-06-11
0.1.60-prodLow risk02026-06-08
0.3.82-stagingLow risk02026-06-05
0.3.80-stagingLow risk02026-06-05
0.3.79-stagingLow risk02026-06-04
0.1.59-prodLow risk02026-06-04
0.3.78-stagingLow risk02026-05-29
0.1.58-prodLow risk02026-05-29
0.3.77-stagingLow risk02026-05-28
0.1.57-prodReview62026-05-27
0.1.56-prodLow risk02026-05-26
0.3.76-stagingLow risk02026-05-26

Block this in CI

PkgRadar gates @bjsdistribution/dms-client-return (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @bjsdistribution/[email protected]
Start free — 25 scans / moView full evidence
@bjsdistribution/dms-client-return — npm security scan | PkgRadar