PkgRadar

npm · registry.npmjs.org

@clipboard-health/ai-rules

Remote Payload: matched "curl "

Why PkgRadar flagged 2.20.14

SeveritySignalEvidence
mediumRemote Payloadmatched "curl " · package/skills/cognito-user-analysis/scripts/check-prerequisites.sh
mediumRemote Payloadmatched "curl " · package/skills/cognito-user-analysis/scripts/cognito-analyze-duplicates.sh
mediumRemote Payloadmatched "curl " · package/scripts/setup.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
2.29.1Low risk02026-06-12
2.29.0Low risk02026-06-12
2.28.0Low risk02026-06-11
2.27.0Low risk02026-06-11
2.26.0Low risk02026-06-11
2.25.1Low risk02026-06-10
2.25.0Low risk02026-06-09
2.24.4Low risk02026-06-09
2.24.3Low risk02026-06-07
2.24.2Low risk02026-06-05
2.24.1Low risk02026-06-05
2.24.0Low risk02026-06-04
2.23.1Low risk02026-06-04
2.23.0Low risk02026-06-03
2.22.8Low risk02026-06-02
2.22.7Low risk02026-06-02
2.22.6Low risk02026-06-02
2.22.5Low risk02026-06-02
2.22.4Low risk02026-06-01
2.22.3Low risk02026-05-31
2.22.2Low risk02026-05-30
2.22.1Low risk02026-05-29
2.22.0Low risk02026-05-28
2.21.1Low risk02026-05-28
2.20.14Review282026-05-27
2.21.0Review282026-05-27
2.20.12Review282026-05-27
2.20.11Review282026-05-26
2.20.10Review282026-05-26
2.20.9Review962026-05-25
2.20.7Review962026-05-24
2.20.8Review962026-05-24

Block this in CI

PkgRadar gates @clipboard-health/ai-rules (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @clipboard-health/[email protected]
Start free — 25 scans / moView full evidence