npm · registry.npmjs.org
@convo-lang/convo-lang-mcp-client
Webhook Exfil Endpoint: matched "ngrok.app"
Why PkgRadar flagged 0.9.6
| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "ngrok.app" · package/src/lib/McpOAuthClientProvider.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.9.6 | High risk | 40 | 2026-06-10 |
0.9.7 | High risk | 40 | 2026-06-10 |
Block this in CI
pkgradar gate --ecosystem npm @convo-lang/[email protected]