npm · registry.npmjs.org

@ledgerhq/revault-cli

Js Obfuscated Fetch Exec

Why PkgRadar flagged 0.21.13

Severity	Signal	Evidence
high	Js Obfuscated Fetch Exec	package/dist/index.js

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.21.13`	High risk	22	2026-06-23
`0.21.12`	High risk	22	2026-06-23
`0.21.11`	Low risk	0	2026-06-19
`0.21.10`	Low risk	0	2026-06-17
`0.21.9`	Low risk	0	2026-06-16
`0.21.8`	Low risk	0	2026-06-15
`0.21.6`	Low risk	0	2026-06-11
`0.21.7`	Low risk	0	2026-06-11
`0.21.3`	Low risk	0	2026-06-02
`0.21.2`	Low risk	0	2026-05-28
`0.21.1`	Low risk	0	2026-05-27
`0.21.0`	Low risk	0	2026-05-26
`0.20.7`	Low risk	0	2026-05-25
`0.20.6`	Low risk	0	2026-05-25

Block this in CI

PkgRadar gates @ledgerhq/revault-cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @ledgerhq/[email protected]