PkgRadar

npm · registry.npmjs.org

@poncho-ai/cli

Credential file access: matched "GITHUB_TOKEN"

Scanned versions

VersionVerdictScoreScanned (UTC)
0.40.41Low risk02026-06-12
0.40.40Low risk02026-06-12
0.40.39Low risk02026-06-12
0.40.38Low risk02026-06-12
0.40.37Low risk02026-06-12
0.40.36Low risk02026-06-12
0.40.35Low risk02026-06-12
0.40.34Low risk02026-06-12
0.40.33Low risk02026-06-12
0.40.32Low risk02026-06-11
0.40.31Low risk02026-06-11
0.40.30Low risk02026-06-11
0.40.29Low risk02026-06-11
0.40.26Low risk02026-06-11
0.40.28Low risk02026-06-11
0.40.23Low risk02026-06-11
0.40.24Low risk02026-06-11
0.32.1Low risk02026-06-11
0.35.0Low risk02026-06-11
0.33.0Low risk02026-06-11
0.40.22Low risk02026-06-09
0.40.19Low risk02026-06-09
0.40.20Low risk02026-06-04
0.40.21Low risk02026-06-04
0.40.18Low risk02026-06-03
0.40.17Low risk02026-06-02
0.40.16Low risk02026-06-01
0.40.15Low risk02026-05-31
0.40.13Review102026-05-28
0.40.14Review102026-05-28
0.40.11Review102026-05-27
0.40.12Review102026-05-27

Block this in CI

PkgRadar gates @poncho-ai/cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @poncho-ai/[email protected]
Start free — 25 scans / moView full evidence