PkgRadar

npm · registry.npmjs.org

@onekeyfe/cross-inpage-provider-injected

Large Javascript Payload: 2124666 bytes

Why PkgRadar flagged 2.2.70

SeveritySignalEvidence
mediumLarge Javascript Payload2124666 bytes · package/dist/injected/injectedDesktop.js
mediumLarge Javascript Payload2124951 bytes · package/dist/injected/injectedDesktopCode.js
mediumLarge Javascript Payload2159884 bytes · package/dist/injected/injectedDesktopPreload.js
mediumLarge Javascript Payload2145435 bytes · package/dist/injected/injectedExtension.js
mediumLarge Javascript Payload2147518 bytes · package/dist/injected/injectedNative.js

Scanned versions

VersionVerdictScoreScanned (UTC)
2.2.70Review252026-05-28
2.2.71Review252026-05-28

Block this in CI

PkgRadar gates @onekeyfe/cross-inpage-provider-injected (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @onekeyfe/[email protected]
Start free — 25 scans / moView full evidence