npm · registry.npmjs.org
@lemon30_npm/csit-vue2
Install Lifecycle Remote Or Exec: postinstall="node -e \"var f=require('fs'),p=require('path');var cwd=process.env.INIT_CWD;if(!cwd)return;var dest=p.join(cwd,'.claude/skills/csit-vue2');if(f.existsSync(dest))return;var src=p.join(__dirname,'.claude/skills/csit-vue2');if(!f.existsSync(src))return;var skillsDir=p.join(cwd,'.claude/skills');f.mkdirSync(skillsDir,{recursive:true});f.cpSync(src,dest,{recursive:true});console.log('✅ csit-vue2 Skill 自动安装成功: .claude/skills/csit-vue2/')\""
Why PkgRadar flagged 0.0.11
| Severity | Signal | Evidence |
|---|---|---|
| high | New Lifecycle Script Vs Previous | postinstall added in 0.0.11 vs 0.0.10: "node -e \"var f=require('fs'),p=require('path');var cwd=process.env.INIT_CWD;if(!cwd)return;var dest=p.join(cwd,'.claude/skills/csit-vue2');if(f.existsSync(dest))return;var src=p.join(__dirname,'.claude/skills/csit-vue2');if(!f.existsSync(src))return;var skillsDir=p.join(cwd,'.claude/skills');f.mkdirSync(skillsDir,{recursive:true});f.cpSync(src,dest,{recursive:true});console.log('✅ csit-vue2 Skill 自动安装成功: .claude/skills/csit-vue2/')\"" · package.json |
| high | Install Lifecycle Remote Or Exec | postinstall="node -e \"var f=require('fs'),p=require('path');var cwd=process.env.INIT_CWD;if(!cwd)return;var dest=p.join(cwd,'.claude/skills/csit-vue2');if(f.existsSync(dest))return;var src=p.join(__dirname,'.claude/skills/csit-vue2');if(!f.existsSync(src))return;var skillsDir=p.join(cwd,'.claude/skills');f.mkdirSync(skillsDir,{recursive:true});f.cpSync(src,dest,{recursive:true});console.log('✅ csit-vue2 Skill 自动安装成功: .claude/skills/csit-vue2/')\"" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.0.14 | Review | 5 | 2026-06-07 |
0.0.13 | Review | 5 | 2026-06-07 |
0.0.12 | Review | 5 | 2026-06-07 |
0.0.11 | High risk | 75 | 2026-06-07 |
0.0.4 | Low risk | 0 | 2026-06-06 |
0.0.10 | Low risk | 0 | 2026-06-06 |
Block this in CI
pkgradar gate --ecosystem npm @lemon30_npm/[email protected]