npm · registry.npmjs.org
@proxysoul/soulforge
Remote Payload: matched "curl "
Why PkgRadar flagged 2.18.0
| Severity | Signal | Evidence |
|---|---|---|
| high | New Lifecycle Script Vs Previous | postinstall added in 2.18.0 vs 2.17.0: "bun scripts/postinstall.mjs" · package.json |
| medium | Remote Payload | matched "curl " · package/dist/bin.sh |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.20.15 | Review | 5 | 2026-06-12 |
2.20.14 | Review | 5 | 2026-06-12 |
2.20.13 | Review | 5 | 2026-06-11 |
2.20.12 | Review | 5 | 2026-06-11 |
2.18.0 | High risk | 57 | 2026-06-10 |
2.20.11 | Review | 5 | 2026-06-09 |
2.20.10 | Review | 5 | 2026-06-09 |
2.20.9 | Review | 5 | 2026-06-09 |
2.20.8 | Review | 5 | 2026-06-08 |
2.20.4 | Review | 5 | 2026-06-08 |
2.20.7 | Review | 5 | 2026-06-08 |
2.20.5 | Review | 5 | 2026-06-04 |
2.20.6 | Review | 5 | 2026-06-04 |
2.20.2 | Review | 5 | 2026-06-03 |
2.20.3 | Review | 5 | 2026-06-03 |
2.20.1 | Review | 5 | 2026-06-03 |
2.20.0 | Review | 5 | 2026-06-02 |
2.19.0 | Review | 5 | 2026-05-31 |
2.18.6 | Review | 5 | 2026-05-30 |
2.18.5 | Review | 5 | 2026-05-30 |
2.18.3 | Review | 11 | 2026-05-27 |
2.18.4 | Review | 11 | 2026-05-27 |
2.18.1 | Review | 14 | 2026-05-27 |
Campaign attribution
Block this in CI
pkgradar gate --ecosystem npm @proxysoul/[email protected]