npm · registry.npmjs.org
@intentsolutionsio/wondelai-crossing-the-chasm
Install Lifecycle Remote Or Exec: postinstall="node -e \"console.log(\\\"\\\\n→ This npm package is a tracking/proof artifact. Install the plugin via:\\\\n ccpi install wondelai-crossing-the-chasm\\\\n or /plugin install wondelai-crossing-the-chasm@claude-code-plugins-plus in Claude Code\\\\n\\\")\""
Why PkgRadar flagged 1.0.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Remote Or Exec | postinstall="node -e \"console.log(\\\"\\\\n→ This npm package is a tracking/proof artifact. Install the plugin via:\\\\n ccpi install wondelai-crossing-the-chasm\\\\n or /plugin install wondelai-crossing-the-chasm@claude-code-plugins-plus in Claude Code\\\\n\\\")\"" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.0.0 | High risk | 35 | 2026-06-08 |
1.0.3 | High risk | 35 | 2026-06-08 |
Block this in CI
pkgradar gate --ecosystem npm @intentsolutionsio/[email protected]