PkgRadar

npm · registry.npmjs.org

@ritwikamit/cl8

Install Lifecycle Remote Or Exec: postinstall="node -e \"console.log('\\n CL8 installed! Run \\'cl8\\' to start.\\n')\""

Why PkgRadar flagged 0.1.0-alpha.35

SeveritySignalEvidence
highInstall Lifecycle Remote Or Execpostinstall="node -e \"console.log('\\n CL8 installed! Run \\'cl8\\' to start.\\n')\"" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.0-alpha.35High risk352026-06-10
0.1.0-alpha.34High risk242026-06-10
0.1.0-alpha.33High risk352026-06-10
0.1.0-alpha.32High risk352026-06-10
0.1.0-alpha.31High risk242026-06-10
0.1.0-alpha.30High risk242026-06-10
0.1.0-alpha.29High risk352026-06-10
0.1.0-alpha.28High risk352026-06-10
0.1.0-alpha.27High risk242026-06-10
0.1.0-alpha.26High risk242026-06-10
0.1.0-alpha.25High risk242026-06-10
0.1.0-alpha.23High risk242026-06-10
0.1.0-alpha.24High risk242026-06-10
0.1.0-alpha.22High risk242026-06-10
0.1.0-alpha.21High risk352026-06-10
0.1.0-alpha.19High risk242026-06-10
0.1.0-alpha.20High risk242026-06-10
0.1.0-alpha.18High risk242026-06-10
0.1.0-alpha.17High risk352026-06-10
0.1.0-alpha.16High risk352026-06-10
0.1.0-alpha.15High risk242026-06-10
0.1.0-alpha.14High risk242026-06-10
0.1.0-alpha.12High risk242026-06-10
0.1.0-alpha.13High risk242026-06-10
0.1.0-alpha.10High risk242026-06-10
0.1.0-alpha.11High risk242026-06-10
0.1.0-alpha.9High risk242026-06-10
0.1.0-alpha.8High risk242026-06-10

Campaign attribution

Part of the Clob dropper campaign.

Block this in CI

PkgRadar gates @ritwikamit/cl8 (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @ritwikamit/[email protected]
Start free — 25 scans / moView full evidence