PkgRadar

npm · registry.npmjs.org

@quackai/q402-mcp

Obfuscation Density: high encoded/escaped-token density

Why PkgRadar flagged 0.6.3

SeveritySignalEvidence
mediumObfuscation Densityhigh encoded/escaped-token density · package/dist/index.js

Scanned versions

VersionVerdictScoreScanned (UTC)
0.8.21Low risk02026-06-12
0.8.20Low risk02026-06-11
0.8.19Low risk02026-06-11
0.8.18Low risk02026-06-11
0.8.17Low risk02026-06-10
0.8.16Low risk02026-06-10
0.8.15Low risk02026-06-09
0.8.14Low risk02026-06-08
0.8.13Low risk02026-06-08
0.8.11Low risk02026-06-08
0.8.12Low risk02026-06-08
0.8.10Low risk02026-06-07
0.8.9Low risk02026-06-06
0.8.8Low risk02026-06-06
0.8.7Low risk02026-06-06
0.8.6Low risk02026-06-06
0.8.5Low risk02026-06-06
0.8.4Low risk02026-06-05
0.8.3Low risk02026-06-05
0.8.2Low risk02026-06-05
0.8.1Low risk02026-06-05
0.8.0Low risk02026-06-05
0.7.6Low risk02026-06-01
0.7.5Low risk02026-06-01
0.7.4Low risk02026-06-01
0.7.3Low risk02026-05-29
0.7.2Low risk02026-05-29
0.7.1Low risk02026-05-29
0.7.0Low risk02026-05-29
0.6.5Low risk02026-05-29
0.6.6Low risk02026-05-29
0.6.3Review82026-05-28
0.6.2Review122026-05-28
0.6.1Review82026-05-27
0.5.17Review82026-05-26
0.6.0Review82026-05-26

Block this in CI

PkgRadar gates @quackai/q402-mcp (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @quackai/[email protected]
Start free — 25 scans / moView full evidence