npm · registry.npmjs.org
@granular-software/sdk
Remote Payload: matched "cUrl "
Why PkgRadar flagged 0.4.40
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "cUrl " · package/dist/agent-evals.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/dist/cli/index.js |
| medium | Remote Payload | matched "cUrl " · package/dist/index.js |
| medium | Remote Payload | matched "cUrl " · package/dist/agent-evals.mjs |
| medium | Remote Payload | matched "cUrl " · package/dist/index.mjs |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.4.47 | Low risk | 0 | 2026-06-13 |
0.4.46 | Low risk | 0 | 2026-06-09 |
0.4.45 | Low risk | 0 | 2026-05-30 |
0.4.44 | Low risk | 0 | 2026-05-30 |
0.4.43 | Low risk | 0 | 2026-05-30 |
0.4.42 | Low risk | 0 | 2026-05-25 |
0.4.40 | Review | 48 | 2026-05-24 |
0.4.41 | Review | 48 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm @granular-software/[email protected]