npm · registry.npmjs.org
@onekeyfe/hd-core
Webhook Exfil Endpoint: matched "ngrok-free.app"
Why PkgRadar flagged 1.1.27-alpha.37
| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "ngrok-free.app" · package/src/utils/networkUtils.ts |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.1.27-alpha.37 | High risk | 20 | 2026-06-13 |
1.1.27-alpha.36 | High risk | 20 | 2026-06-13 |
1.2.0-alpha.0 | High risk | 20 | 2026-06-11 |
1.1.27-patch.1 | High risk | 25 | 2026-06-11 |
1.1.27-alpha.4 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.35 | High risk | 20 | 2026-06-10 |
1.1.27-alpha.34 | High risk | 20 | 2026-06-10 |
1.1.27 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.45 | High risk | 20 | 2026-06-10 |
1.1.27-alpha.7 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.43 | High risk | 20 | 2026-06-10 |
1.1.27-alpha.42 | High risk | 20 | 2026-06-10 |
1.1.27-alpha.6 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.100 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.41 | High risk | 20 | 2026-06-10 |
1.1.27-alpha.5 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.39 | High risk | 20 | 2026-06-10 |
1.1.27-alpha.40 | High risk | 20 | 2026-06-10 |
1.1.27-alpha.38 | High risk | 20 | 2026-06-10 |
1.1.27-alpha.101 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.3 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.2 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.1 | Review | 50 | 2026-05-25 |
1.1.26-patch.2 | Low risk | 0 | 2026-05-25 |
1.1.27-alpha.33 | Low risk | 0 | 2026-05-25 |
1.1.26-patch.1 | Low risk | 0 | 2026-05-25 |
Block this in CI
pkgradar gate --ecosystem npm @onekeyfe/[email protected]