PkgRadar

npm · registry.npmjs.org

@infisical/cli

Remote Payload: matched "github.com/Infisical/cli/releases/download"

Why PkgRadar flagged 0.43.96

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/Infisical/cli/releases/download" · package/src/index.cjs

Scanned versions

VersionVerdictScoreScanned (UTC)
0.43.96Review52026-06-17
0.43.93Review52026-06-12
0.43.91Review52026-06-04
0.43.90Review52026-06-01
0.43.89Review52026-05-29
0.43.88Review52026-05-29
0.43.86Review52026-05-27
0.43.87Review52026-05-27

Block this in CI

PkgRadar gates @infisical/cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @infisical/[email protected]
Start free — 25 scans / moView full evidence