PkgRadar

npm · registry.npmjs.org

@cordfuse/llmux

Install-time lifecycle script: postinstall="node scripts/fix-pty-permissions.mjs"

Why PkgRadar flagged 0.22.1

SeveritySignalEvidence
highNew Lifecycle Script Vs Previouspostinstall added in 0.22.1 vs 0.22.0: "node scripts/fix-pty-permissions.mjs" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.22.1High risk452026-06-20
0.34.0Review22026-06-20
0.33.7Review22026-06-20
0.33.3Review52026-06-20
0.33.2Review52026-06-19
0.33.1Review22026-06-19
0.33.0Review22026-06-19
0.32.3Review52026-06-19
0.32.2Review22026-06-19
0.32.1Review22026-06-19
0.31.6Review22026-06-19
0.32.0Review22026-06-19
0.31.4Review22026-06-19
0.31.5Review22026-06-19
0.31.3Review22026-06-18
0.31.2Review52026-06-18
0.31.1Review22026-06-18
0.31.0Review52026-06-18
0.30.0Review22026-06-18
0.29.0Review22026-06-18
0.27.0Review22026-06-18
0.28.0Review22026-06-18
0.26.0Review22026-06-18
0.25.0Review52026-06-18
0.24.1Review52026-06-18
0.24.0Review22026-06-18
0.23.0Review22026-06-18
0.22.0Low risk02026-06-18
0.21.3Low risk02026-06-18
0.21.2Low risk02026-06-17
0.21.1Low risk02026-06-17
0.21.0Low risk02026-06-17
0.20.4Low risk02026-06-17
0.20.3Low risk02026-06-17
0.20.2Low risk02026-06-17
0.20.1Low risk02026-06-17
0.20.0Low risk02026-06-17
0.19.0Low risk02026-06-17
0.18.5Low risk02026-06-17
0.18.4Low risk02026-06-17
0.18.2Low risk02026-06-17
0.18.1Low risk02026-06-17
0.18.0Low risk02026-06-17
0.17.3Low risk02026-06-17
0.17.1Low risk02026-06-17
0.17.0Low risk02026-06-17
0.16.3Low risk02026-06-17
0.16.2Low risk02026-06-17
0.16.1Low risk02026-06-17
0.16.0Low risk02026-06-17
0.15.6Low risk02026-06-17
0.15.5Low risk02026-06-17
0.15.4Low risk02026-06-17
0.15.3Low risk02026-06-17
0.15.2Low risk02026-06-17
0.15.1Low risk02026-06-17
0.15.0Low risk02026-06-17
0.14.1Low risk02026-06-17
0.14.0Low risk02026-06-17
0.13.7Low risk02026-06-17
0.13.6Low risk02026-06-17
0.13.5Low risk02026-06-17
0.13.4Low risk02026-06-17
0.13.3Low risk02026-06-17
0.13.2Low risk02026-06-17
0.13.1Low risk02026-06-17
0.13.0Low risk02026-06-17
0.12.4Low risk02026-06-17
0.12.3Low risk02026-06-17
0.12.2Low risk02026-06-17
0.12.1Low risk02026-06-17
0.12.0Low risk02026-06-17
0.11.0Low risk02026-06-17
0.10.4Low risk02026-06-17
0.10.5Low risk02026-06-17
0.10.3Low risk02026-06-16
0.10.2Low risk02026-06-16
0.10.1Low risk02026-06-16
0.10.0Low risk02026-06-16
0.9.3Low risk02026-06-16
0.9.2Low risk02026-06-16
0.9.1Low risk02026-06-16
0.9.0Low risk02026-06-16
0.8.6Low risk02026-06-16
0.8.5Low risk02026-06-16
0.8.4Low risk02026-06-16
0.8.3Low risk02026-06-16
0.8.2Low risk02026-06-16
0.8.1Low risk02026-06-16
0.8.0Low risk02026-06-16
0.7.4Low risk02026-06-16
0.7.3Low risk02026-06-16
0.7.2Low risk02026-06-16
0.7.1Low risk02026-06-16
0.7.0Low risk02026-06-16
0.6.1Low risk02026-06-16
0.6.0Low risk02026-06-16
0.5.2Low risk02026-06-16
0.5.1Low risk02026-06-16
0.4.4Low risk02026-06-16
0.5.0Low risk02026-06-16
0.4.3Low risk02026-06-16
0.4.2Low risk02026-06-16
0.4.1Low risk02026-06-16
0.4.0Low risk02026-06-16
0.3.3Low risk02026-06-16
0.3.4Low risk02026-06-16
0.3.2Low risk02026-06-16
0.3.1Low risk02026-06-16
0.3.0Low risk02026-06-16
0.2.13Low risk02026-06-16
0.2.14Low risk02026-06-16
0.2.12Low risk02026-06-16
0.2.11Low risk02026-06-16
0.2.10Low risk02026-06-16
0.2.9Low risk02026-06-16
0.2.8Low risk02026-06-16
0.2.7Low risk02026-06-16
0.2.6Low risk02026-06-16
0.2.4Low risk02026-06-16
0.2.5Low risk02026-06-16
0.2.3Low risk02026-06-16
0.2.2Low risk02026-06-16
0.2.1Low risk02026-06-16
0.2.0Low risk02026-06-16
0.1.0Low risk02026-06-15
0.0.1Low risk02026-06-15

Campaign attribution

Part of the asteroiddao npm campaign campaign.

Block this in CI

PkgRadar gates @cordfuse/llmux (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @cordfuse/[email protected]
Start free — 25 scans / moView full evidence