npm · registry.npmjs.org
alvin-bot
Webhook Exfil Endpoint: matched "api.telegram.org/bot"
Why PkgRadar flagged 5.61.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "api.telegram.org/bot" · package/bin/cli.js |
| medium | Remote Payload | matched "curl " · package/bin/cli.js |
| medium | Remote Payload | matched "api.telegram.org/bot" · package/dist/services/preflight.js |
| medium | Remote Payload | matched "api.telegram.org/bot" · package/dist/web/setup-api.js |
| medium | Remote Payload | matched "curl " · package/dist/providers/tool-executor.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
5.61.0 | High risk | 68 | 2026-06-17 |
5.60.0 | High risk | 99 | 2026-06-16 |
5.59.0 | High risk | 80 | 2026-06-16 |
5.58.0 | High risk | 81 | 2026-06-15 |
5.57.0 | High risk | 56 | 2026-06-15 |
5.56.0 | High risk | 60 | 2026-06-14 |
5.55.0 | High risk | 39 | 2026-06-14 |
5.54.0 | High risk | 39 | 2026-06-14 |
5.53.0 | High risk | 68 | 2026-06-14 |
5.52.0 | High risk | 51 | 2026-06-14 |
5.51.0 | High risk | 44 | 2026-06-14 |
5.50.0 | High risk | 81 | 2026-06-14 |
5.49.0 | High risk | 48 | 2026-06-12 |
5.48.2 | High risk | 69 | 2026-06-11 |
5.48.1 | High risk | 60 | 2026-06-11 |
5.48.0 | High risk | 60 | 2026-06-11 |
5.47.0 | High risk | 68 | 2026-06-11 |
5.46.0 | High risk | 48 | 2026-06-10 |
5.45.1 | High risk | 56 | 2026-06-10 |
5.45.0 | High risk | 60 | 2026-06-10 |
5.24.4 | High risk | 150 | 2026-06-10 |
5.44.1 | High risk | 74 | 2026-06-10 |
5.44.0 | High risk | 56 | 2026-06-10 |
5.43.2 | High risk | 62 | 2026-06-10 |
5.43.1 | High risk | 51 | 2026-06-10 |
5.43.0 | High risk | 51 | 2026-06-10 |
5.42.1 | High risk | 87 | 2026-06-10 |
5.42.0 | High risk | 56 | 2026-06-10 |
5.41.0 | High risk | 39 | 2026-06-10 |
5.40.0 | High risk | 39 | 2026-06-10 |
5.39.0 | High risk | 44 | 2026-06-10 |
5.37.1 | Review | 22 | 2026-06-01 |
5.37.2 | Review | 34 | 2026-06-01 |
5.37.0 | Review | 20 | 2026-06-01 |
5.36.0 | Review | 11 | 2026-06-01 |
5.35.0 | Review | 11 | 2026-06-01 |
5.34.0 | Review | 17 | 2026-05-29 |
5.32.0 | Review | 34 | 2026-05-29 |
5.33.0 | Review | 22 | 2026-05-29 |
5.24.5 | Review | 11 | 2026-05-28 |
5.24.6 | Review | 15 | 2026-05-28 |
5.24.2 | Review | 80 | 2026-05-25 |
5.24.3 | Review | 80 | 2026-05-25 |
5.22.5 | Review | 8 | 2026-05-25 |
5.22.3 | Review | 12 | 2026-05-25 |
5.22.4 | Review | 12 | 2026-05-25 |
5.22.1 | Review | 24 | 2026-05-24 |
5.22.0 | Review | 24 | 2026-05-24 |
5.20.2 | Review | 54 | 2026-05-24 |
5.21.0 | Review | 24 | 2026-05-24 |
5.20.1 | Review | 24 | 2026-05-24 |
5.20.0 | Review | 54 | 2026-05-24 |
5.19.0 | Review | 24 | 2026-05-24 |
5.18.0 | Review | 24 | 2026-05-24 |
5.17.1 | Review | 24 | 2026-05-24 |
5.17.2 | Review | 24 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]