npm · registry.npmjs.org
@holon-dev/desk
Webhook Exfil Endpoint: matched "api.telegram.org/bot"
Why PkgRadar flagged 0.4.2-nightly.202606161117
| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "api.telegram.org/bot" · package/standalone/apps/web/.next/server/chunks/2190.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.4.2-nightly.202606161117 | High risk | 28 | 2026-06-16 |
0.4.2-nightly.202606151222 | High risk | 28 | 2026-06-15 |
0.4.2-nightly.202606140940 | High risk | 28 | 2026-06-14 |
0.4.2-nightly.202606130921 | High risk | 40 | 2026-06-13 |
0.4.2-nightly.202606121019 | High risk | 40 | 2026-06-13 |
0.4.2-nightly.202606111042 | High risk | 40 | 2026-06-11 |
0.4.2-nightly.202606101007 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606081102 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606090952 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606070918 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606060837 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606050957 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606041001 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606031106 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606021030 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606020412 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606011419 | High risk | 40 | 2026-06-10 |
0.4.2-nightly.202606011141 | High risk | 40 | 2026-06-10 |
0.4.2 | High risk | 40 | 2026-06-10 |
0.4.1-nightly.202606010259 | High risk | 40 | 2026-06-10 |
0.4.1 | High risk | 40 | 2026-06-10 |
Block this in CI
pkgradar gate --ecosystem npm @holon-dev/[email protected]