PkgRadar

npm · registry.npmjs.org

@nimble-way/nimble-cli

Remote Payload: matched "github.com/Nimbleway/nimble-cli/releases/download"

Why PkgRadar flagged 0.12.0

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/Nimbleway/nimble-cli/releases/download" · package/install.js

Scanned versions

VersionVerdictScoreScanned (UTC)
0.12.0Review172026-06-15
0.9.0Review172026-06-15
0.10.0Review172026-06-15
0.11.0Review172026-06-15

Block this in CI

PkgRadar gates @nimble-way/nimble-cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @nimble-way/[email protected]
Start free — 25 scans / moView full evidence