PkgRadar

npm · registry.npmjs.org

autotel-vitest

Native Addon Gyp Action, Large Javascript Payload

Why PkgRadar flagged 0.4.26

SeveritySignalEvidence
highNative Addon Gyp Actionpackage/binding.gyp

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
0.4.26High risk102026-06-22
0.4.34Low risk02026-06-20
0.4.33Low risk02026-06-20
0.4.32Low risk02026-06-20
0.4.31Low risk02026-06-16
0.4.30Low risk02026-06-15
0.4.29Low risk02026-06-12
0.4.28Low risk02026-06-12
0.4.27Low risk02026-06-06
0.4.25Low risk02026-06-03
0.4.24Low risk02026-06-01
0.4.23Low risk02026-05-31
0.4.22Low risk02026-05-29
0.4.21Low risk02026-05-28
0.4.19Low risk02026-05-24
0.4.20Low risk02026-05-24

Campaign attribution

Part of the Miasma worm campaign.

Block this in CI

PkgRadar gates autotel-vitest (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence