npm · registry.npmjs.org
@intentsolutionsio/tweetclaw
Install Lifecycle Remote Or Exec: postinstall="node -e \"console.log(\\\"\\\\n→ This npm package is a tracking/proof artifact. Install the plugin via:\\\\n ccpi install tweetclaw\\\\n or /plugin install tweetclaw@claude-code-plugins-plus in Claude Code\\\\n\\\")\""
Why PkgRadar flagged 1.5.3
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Remote Or Exec | postinstall="node -e \"console.log(\\\"\\\\n→ This npm package is a tracking/proof artifact. Install the plugin via:\\\\n ccpi install tweetclaw\\\\n or /plugin install tweetclaw@claude-code-plugins-plus in Claude Code\\\\n\\\")\"" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.5.3 | High risk | 35 | 2026-06-08 |
1.5.4 | High risk | 35 | 2026-06-08 |
Block this in CI
pkgradar gate --ecosystem npm @intentsolutionsio/[email protected]