npm · registry.npmjs.org

@ww-ai-lab/openclaw-office

Obfuscation Density: high encoded/escaped-token density

Why PkgRadar flagged 2026.5.10-beta.1

Severity	Signal	Evidence
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/assets/chunk-4TB4RGXK-Ck4hmMbI.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/assets/flowDiagram-DWJPFMVM-C17b_QIv.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2026.6.11`	Low risk	0	2026-06-11
`2026.6.3`	Low risk	0	2026-06-03
`2026.6.2-beta.4`	Low risk	0	2026-06-02
`2026.6.2-beta.3`	Low risk	0	2026-06-02
`2026.6.2-beta.2`	Low risk	0	2026-06-02
`2026.6.2-beta.1`	Low risk	0	2026-06-02
`2026.5.10-beta.1`	Review	24	2026-05-25
`2026.5.20`	Review	24	2026-05-25

Block this in CI

PkgRadar gates @ww-ai-lab/openclaw-office (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @ww-ai-lab/[email protected]