PkgRadar

npm · registry.npmjs.org

@cking000/pi-web

Reverse Shell, Suspicious Publish Context

Why PkgRadar flagged 0.6.18

SeveritySignalEvidence
highReverse Shellpackage/.next/static/chunks/194-d231a3ff99b573f9.js
mediumSuspicious Publish Context

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
0.6.18High risk502026-06-22
0.6.16High risk502026-06-22
0.6.17High risk502026-06-22

Related campaigns

Block this in CI

PkgRadar gates @cking000/pi-web (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @cking000/[email protected]
Start free — 25 scans / moView full evidence
@cking000/pi-web — npm security scan | PkgRadar