npm · registry.npmjs.org
@zero-transfer/sdk
Install Lifecycle Remote Or Exec: postinstall="node -e \"try{require('node:fs').accessSync('scripts/link-sdk.mjs');require('node:child_process').execSync('node scripts/link-sdk.mjs',{stdio:'inherit'})}catch(e){if(e.code!=='ENOENT')process.exit(1)}\""
Why PkgRadar flagged 0.4.2
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Remote Or Exec | postinstall="node -e \"try{require('node:fs').accessSync('scripts/link-sdk.mjs');require('node:child_process').execSync('node scripts/link-sdk.mjs',{stdio:'inherit'})}catch(e){if(e.code!=='ENOENT')process.exit(1)}\"" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.4.2 | High risk | 35 | 2026-06-11 |
0.4.6 | High risk | 35 | 2026-06-11 |
0.4.7 | High risk | 35 | 2026-06-11 |
0.4.8 | High risk | 35 | 2026-06-11 |
Block this in CI
pkgradar gate --ecosystem npm @zero-transfer/[email protected]