PkgRadar

npm · registry.npmjs.org

@telora/mcp-products

Install Lifecycle Suppresses Failure: postinstall="node scripts/postinstall.js || true"

Why PkgRadar flagged 0.22.37

SeveritySignalEvidence
highInstall Lifecycle Suppresses Failurepostinstall="node scripts/postinstall.js || true" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.22.37High risk172026-06-13
0.22.59High risk172026-06-11
0.22.57High risk172026-06-11
0.22.55High risk172026-06-11
0.22.54High risk172026-06-10
0.22.34High risk252026-06-10
0.22.33High risk252026-06-10
0.22.30High risk252026-06-10
0.22.32High risk252026-06-10
0.22.52High risk172026-06-10
0.22.49High risk252026-06-10
0.22.48High risk172026-06-10
0.22.47High risk252026-06-10
0.22.45High risk172026-06-10
0.22.44High risk252026-06-10
0.22.42High risk172026-06-10
0.22.41High risk172026-06-10
0.22.40High risk172026-06-10
0.22.39High risk172026-06-10
0.22.38High risk172026-06-10

Block this in CI

PkgRadar gates @telora/mcp-products (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @telora/[email protected]
Start free — 25 scans / moView full evidence