npm · registry.npmjs.org

@thuutri2710/ccs

Js Hidden Powershell: Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm | iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers.

Why PkgRadar flagged 8.7.0

Severity	Signal	Evidence
high	Js Hidden Powershell	Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm \| iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers. · package/dist/utils/claude-detector.js
medium	Credential file access	matched "github_token" · package/dist/copilot/copilot-auth.js
medium	New Account With Lifecycle Hook	package first published 0 day(s) ago, 6 total version(s), has lifecycle hook · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`8.7.0`	High risk	70	2026-06-11
`8.8.0`	High risk	70	2026-06-11
`8.6.0`	High risk	70	2026-06-11
`8.5.0`	High risk	70	2026-06-11
`8.4.0`	High risk	70	2026-06-11
`8.3.0`	High risk	70	2026-06-11

Block this in CI

PkgRadar gates @thuutri2710/ccs (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @thuutri2710/[email protected]

Start free — 25 scans / mo View full evidence