npm · registry.npmjs.org
@hongmaple0820/scale-engine
Remote Payload: matched "curl "
Why PkgRadar flagged 0.40.2
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · package/dist/guardrails/advancedDetectors.js |
| medium | Remote Payload | matched "Invoke-WebRequest" · package/dist/workflow/gates/GateSystem.js |
| medium | Remote Payload | matched "curl " · package/dist/workflow/GovernanceTemplates.js |
| medium | Remote Payload | matched "curl " · package/dist/capabilities/InstalledSkillsIntegration.js |
| medium | Remote Payload | matched "Invoke-WebRequest" · package/dist/workflow/ReviewAnalyzer.js |
| medium | Remote Payload | matched "Invoke-WebRequest" · package/dist/skills/SkillRepository.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.49.0 | Low risk | 0 | 2026-06-12 |
0.48.0 | Low risk | 0 | 2026-06-05 |
0.47.0 | Low risk | 0 | 2026-06-04 |
0.46.0 | Low risk | 0 | 2026-06-03 |
0.45.0 | Low risk | 0 | 2026-06-03 |
0.44.0 | Low risk | 0 | 2026-06-02 |
0.43.0 | Low risk | 0 | 2026-05-28 |
0.40.2 | Review | 77 | 2026-05-25 |
0.40.1 | Review | 102 | 2026-05-24 |
0.39.0 | Review | 102 | 2026-05-24 |
0.40.0 | Review | 102 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm @hongmaple0820/[email protected]