npm · registry.npmjs.org

@mseep/tmux-claude-mcp-server

Remote Payload, Credential file access

Why PkgRadar flagged 1.0.0

Severity	Signal	Evidence
medium	Remote Payload	package/vm-integration/setup-scripts/claude-dev-setup.sh
medium	Remote Payload	package/vm-integration/setup-scripts/create-project.sh
medium	Remote Payload	package/vm-integration/deploy_orchestration_vm.sh
medium	Remote Payload	package/vm-integration/setup-scripts/install-claude-code-vm.sh
medium	Remote Payload	package/vm-integration/bottleneck_detection/network_speed_script.sh
medium	Remote Payload	package/vm-integration/setup-scripts/setup-claude-code-on-vm.sh
medium	Remote Payload	package/vm-integration/setup-scripts/simple-gcp-vm.sh
medium	Remote Payload	package/vm-integration/start-here.sh

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`1.0.0`	Review	64	2026-06-22

Block this in CI

PkgRadar gates @mseep/tmux-claude-mcp-server (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @mseep/[email protected]