npm · registry.npmjs.org

@sovovs/bycli

Known Indicator Filename: package/dist/src/browser/stealth.js

Why PkgRadar flagged 1.8.0

Severity	Signal	Evidence
high	Known Indicator Filename	package/dist/src/browser/stealth.js · package/dist/src/browser/stealth.js
high	New Account With Lifecycle Hook	package first published 0 day(s) ago, 1 total version(s), has lifecycle hook · package.json
high	Install Lifecycle Suppresses Failure	postinstall="node scripts/postinstall.js \|\| true; node scripts/fetch-adapters.js \|\| true" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`1.8.0`	High risk	70	2026-06-12

Block this in CI

PkgRadar gates @sovovs/bycli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @sovovs/[email protected]