PkgRadar

npm · registry.npmjs.org

@tencentdb-agent-memory/memory-tencentdb

Install Lifecycle Suppresses Failure: postinstall="bash scripts/openclaw-after-tool-call-messages.patch.sh 2>/dev/null || true"

Why PkgRadar flagged 1.0.0

SeveritySignalEvidence
highInstall Lifecycle Suppresses Failurepostinstall="bash scripts/openclaw-after-tool-call-messages.patch.sh 2>/dev/null || true" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
1.0.0High risk172026-06-11
0.3.6High risk172026-06-10
0.3.6-beta.4High risk172026-06-10
0.3.6-beta.2High risk252026-06-10
0.3.6-beta.3High risk252026-06-10
1.0.0-beta.4High risk252026-06-10
1.0.0-beta.2High risk252026-06-10
1.0.0-beta.3High risk172026-06-10

Block this in CI

PkgRadar gates @tencentdb-agent-memory/memory-tencentdb (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @tencentdb-agent-memory/[email protected]
Start free — 25 scans / moView full evidence