npm · registry.npmjs.org

@myoc/excalidraw

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged 0.19.509

Severity	Signal	Evidence
medium	Remote Payload	matched "raw.githubusercontent.com" · package/dist/prod/index.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/prod/index.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/ar-SA-U3PIVEZH.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/az-AZ-COAM4HVM.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/bg-BG-D6B2W7JL.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/bn-BD-BU7GZAZW.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/bn-IN-MYKDEVNA.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/ca-ES-GEEW5L7T.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/cs-CZ-LNVE3QM5.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/de-CH-GCXOD4LK.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/de-DE-CGDBECYD.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/dev/locales/el-GR-G5QZC24A.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.19.519`	Low risk	0	2026-06-09
`0.19.518`	Low risk	0	2026-05-29
`0.19.517`	Low risk	0	2026-05-28
`0.19.515`	Low risk	0	2026-05-27
`0.19.516`	Low risk	0	2026-05-27
`0.19.514`	Low risk	0	2026-05-27
`0.19.513`	Low risk	0	2026-05-26
`0.19.511`	Low risk	0	2026-05-25
`0.19.512`	Low risk	0	2026-05-25
`0.19.509`	Review	12	2026-05-24
`0.19.510`	Review	12	2026-05-24

Related campaigns

Block this in CI

PkgRadar gates @myoc/excalidraw (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @myoc/[email protected]