npm · registry.npmjs.org

@epambot/epam-videoportal-client

Js Decode Then Exec: base64 / atob / fromCharCode decode adjacent to eval / new Function — canonical obfuscated-loader pattern.

Why PkgRadar flagged 3.1.10

Severity	Signal	Evidence
high	Js Decode Then Exec	base64 / atob / fromCharCode decode adjacent to eval / new Function — canonical obfuscated-loader pattern. · package/autoconfig.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`3.1.10`	High risk	50	2026-06-03
`3.1.18`	Review	5	2026-06-02
`3.1.17`	Review	3	2026-06-02
`3.1.16`	Review	5	2026-06-01
`3.1.14`	Review	17	2026-05-30
`3.1.8`	Review	5	2026-05-30
`3.1.15`	Review	17	2026-05-29
`3.1.6`	Review	5	2026-05-29

Related campaigns

Block this in CI

PkgRadar gates @epambot/epam-videoportal-client (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @epambot/[email protected]