npm · registry.npmjs.org
@obfuscan/core
Js Hidden Powershell: Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm | iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers.
Why PkgRadar flagged 0.1.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Js Hidden Powershell | Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm | iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers. · package/dist/detectors/manifest-install-script.js |
| high | Js Hidden Powershell | Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm | iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers. · package/dist/detectors/network-then-exec.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.1.0 | Review | 50 | 2026-06-05 |
0.2.0 | Review | 15 | 2026-06-05 |
Block this in CI
pkgradar gate --ecosystem npm @obfuscan/[email protected]