PkgRadar

npm · registry.npmjs.org

@okx_ai/okx-trade-mcp

Install Lifecycle Suppresses Failure: postinstall="node scripts/postinstall.js || exit 0"

Why PkgRadar flagged 1.3.8

SeveritySignalEvidence
highInstall Lifecycle Suppresses Failurepostinstall="node scripts/postinstall.js || exit 0" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
1.3.8High risk302026-06-11
1.3.8-beta.7High risk302026-06-11
1.3.8-beta.5High risk302026-06-10
1.3.8-beta.4High risk302026-06-10
1.3.8-beta.3High risk302026-06-10
1.3.8-beta.1High risk302026-06-10
1.3.7High risk302026-06-10
1.3.6High risk302026-06-10
1.3.6-beta.1High risk302026-06-10

Block this in CI

PkgRadar gates @okx_ai/okx-trade-mcp (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @okx_ai/[email protected]
Start free — 25 scans / moView full evidence