npm · registry.npmjs.org

@shnitzel/plugscout

Credential file access: matched "GITHUB_TOKEN"

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.3.35`	Low risk	0	2026-06-06
`0.3.34`	Low risk	0	2026-06-06
`0.3.33`	Low risk	0	2026-06-02
`0.3.32`	Low risk	0	2026-05-31
`0.3.31`	Low risk	0	2026-05-31
`0.3.30`	Low risk	0	2026-05-31
`0.3.29`	Low risk	0	2026-05-31
`0.3.28`	Low risk	0	2026-05-31
`0.3.27`	Low risk	0	2026-05-31
`0.3.26`	Low risk	0	2026-05-31
`0.3.25`	Low risk	0	2026-05-30
`0.3.24`	Low risk	0	2026-05-30
`0.3.23`	Low risk	0	2026-05-30
`0.3.22`	Low risk	0	2026-05-30
`0.3.20`	Low risk	0	2026-05-29
`0.3.21`	Low risk	0	2026-05-29
`0.3.12`	Review	3	2026-05-29
`0.3.13`	Review	3	2026-05-29
`0.3.9`	Review	3	2026-05-28
`0.3.10`	Review	3	2026-05-28
`0.3.5`	Review	15	2026-05-28
`0.3.6`	Review	15	2026-05-28

Block this in CI

PkgRadar gates @shnitzel/plugscout (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @shnitzel/[email protected]