PkgRadar

npm · registry.npmjs.org

@moluoxixi/create-app

Credential File Packaged: package/templates/common/base/.env

Why PkgRadar flagged 2.0.443

SeveritySignalEvidence
highCredential File Packagedpackage/templates/common/base/.env · package/templates/common/base/.env

Scanned versions

VersionVerdictScoreScanned (UTC)
2.0.443Review102026-06-03
2.0.444Review102026-06-03

Block this in CI

PkgRadar gates @moluoxixi/create-app (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @moluoxixi/[email protected]
Start free — 25 scans / moView full evidence