PkgRadar

npm · registry.npmjs.org

@zuplo/deno-bin

Remote Payload: matched "github.com/denoland/deno/releases/download"

Why PkgRadar flagged 1.36.4

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/denoland/deno/releases/download" · package/install.js

Scanned versions

VersionVerdictScoreScanned (UTC)
1.36.4Review172026-06-16
1.37.1Review172026-06-16

Block this in CI

PkgRadar gates @zuplo/deno-bin (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @zuplo/[email protected]
Start free — 25 scans / moView full evidence