PkgRadar

npm · registry.npmjs.org

@milaboratories/milaboratories.pool-explorer

Manifest Codeless Dependency Stub: package ships no JS/TS source but declares 4 dependency(ies) (0 with loose/empty version specs) — dependency-confusion / install-chain loader shape

Why PkgRadar flagged 1.2.56

SeveritySignalEvidence
mediumManifest Codeless Dependency Stubpackage ships no JS/TS source but declares 4 dependency(ies) (0 with loose/empty version specs) — dependency-confusion / install-chain loader shape · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
1.2.57Low risk02026-06-12
1.2.56Review72026-06-12
1.2.55Review72026-06-11
1.2.54Review72026-06-11
1.2.53Review72026-06-10
1.2.52Review72026-06-10
1.2.51Review72026-06-09
1.2.50Review72026-06-09
1.2.49Review72026-06-09
1.2.48Review72026-06-08
1.2.47Review72026-06-05
1.2.46Review72026-06-05
1.2.45Review72026-06-05
1.2.44Review72026-06-05
1.2.43Review72026-06-04
1.2.42Review72026-06-03
1.2.41Review72026-06-03
1.2.40Review72026-06-02
1.2.39Review72026-06-02
1.2.38Review72026-06-01
1.2.37Review72026-06-01
1.2.36Review72026-06-01
1.2.35Low risk02026-05-29
1.2.34Low risk02026-05-29
1.2.33Low risk02026-05-28
1.2.32Low risk02026-05-28
1.2.31Low risk02026-05-26
1.2.30Low risk02026-05-26
1.2.29Low risk02026-05-25
1.2.28Low risk02026-05-25

Block this in CI

PkgRadar gates @milaboratories/milaboratories.pool-explorer (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @milaboratories/[email protected]
Start free — 25 scans / moView full evidence