npm · registry.npmjs.org
@onekeyfe/hd-web-sdk
Webhook Exfil Endpoint: matched "ngrok-free.app"
Why PkgRadar flagged 1.1.27-alpha.37
| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "ngrok-free.app" · package/build/js/iframe.843f3d6909cdf977db27.js |
| high | Webhook Exfil Endpoint | matched "ngrok-free.app" · package/build/onekey-js-sdk.min.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.1.27-alpha.37 | High risk | 25 | 2026-06-13 |
1.1.27-alpha.36 | High risk | 25 | 2026-06-13 |
1.1.28 | High risk | 25 | 2026-06-12 |
1.1.27-patch.1 | High risk | 25 | 2026-06-11 |
1.1.27-alpha.4 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.35 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.34 | High risk | 25 | 2026-06-10 |
1.1.27 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.45 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.7 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.43 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.42 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.6 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.100 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.41 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.5 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.39 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.40 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.38 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.101 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.3 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.2 | High risk | 25 | 2026-06-10 |
1.1.27-alpha.1 | Review | 60 | 2026-05-25 |
1.1.26-patch.2 | Review | 10 | 2026-05-25 |
1.1.27-alpha.33 | Review | 10 | 2026-05-25 |
1.1.26-patch.1 | Review | 10 | 2026-05-25 |
Block this in CI
pkgradar gate --ecosystem npm @onekeyfe/[email protected]