PkgRadar

npm · registry.npmjs.org

@ladybugmem/icebug

Install-time lifecycle script: install="node scripts/install.js"

Why PkgRadar flagged 12.7.0

SeveritySignalEvidence
highInstall-time lifecycle scriptinstall="node scripts/install.js" · package.json
highInstall Lifecycle Remote Or Execinstall="node scripts/install.js" · package.json
mediumRemote Payloadmatched "github.com/${REPO}/releases/download" · package/scripts/download-icebug.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
12.7.0Review472026-05-24
12.8.0Review472026-05-24

Block this in CI

PkgRadar gates @ladybugmem/icebug (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @ladybugmem/[email protected]
Start free — 25 scans / moView full evidence