npm · registry.npmjs.org

baldart

Remote Payload: matched "curl "

Why PkgRadar flagged 3.25.0

Severity	Signal	Evidence
medium	Remote Payload	matched "curl " · package/framework/.claude/skills/kie-ai/scripts/kie_api.sh
medium	Remote Payload	matched "curl " · package/framework/.claude/skills/kie-ai/scripts/setup_api_key.sh

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`4.51.0`	Low risk	0	2026-06-17
`4.50.0`	Low risk	0	2026-06-17
`4.49.1`	Low risk	0	2026-06-17
`4.49.0`	Low risk	0	2026-06-17
`4.46.0`	Low risk	0	2026-06-17
`4.48.0`	Low risk	0	2026-06-17
`4.47.0`	Low risk	0	2026-06-17
`4.45.0`	Low risk	0	2026-06-15
`4.43.1`	Low risk	0	2026-06-15
`4.41.0`	Low risk	0	2026-06-15
`4.43.0`	Low risk	0	2026-06-15
`4.42.0`	Low risk	0	2026-06-15
`4.40.0`	Low risk	0	2026-06-15
`4.39.0`	Low risk	0	2026-06-15
`4.38.0`	Low risk	0	2026-06-15
`4.37.0`	Low risk	0	2026-06-15
`4.36.0`	Low risk	0	2026-06-13
`4.34.2`	Low risk	0	2026-06-13
`4.35.0`	Low risk	0	2026-06-13
`4.34.1`	Low risk	0	2026-06-12
`4.34.0`	Low risk	0	2026-06-12
`4.33.2`	Low risk	0	2026-06-12
`4.33.1`	Low risk	0	2026-06-12
`4.33.0`	Low risk	0	2026-06-12
`4.32.0`	Low risk	0	2026-06-12
`4.31.1`	Low risk	0	2026-06-11
`4.31.0`	Low risk	0	2026-06-11
`4.30.1`	Low risk	0	2026-06-11
`4.30.0`	Low risk	0	2026-06-11
`4.29.1`	Low risk	0	2026-06-11
`4.29.0`	Low risk	0	2026-06-11
`4.28.1`	Low risk	0	2026-06-11
`4.28.0`	Low risk	0	2026-06-11
`4.27.2`	Low risk	0	2026-06-11
`4.27.1`	Low risk	0	2026-06-11
`4.27.0`	Low risk	0	2026-06-11
`4.26.1`	Low risk	0	2026-06-11
`4.26.0`	Low risk	0	2026-06-11
`4.25.0`	Low risk	0	2026-06-11
`4.24.2`	Low risk	0	2026-06-10
`4.24.3`	Low risk	0	2026-06-10
`4.24.1`	Low risk	0	2026-06-10
`4.24.0`	Low risk	0	2026-06-10
`4.23.0`	Low risk	0	2026-06-09
`4.22.1`	Low risk	0	2026-06-09
`4.22.0`	Low risk	0	2026-06-09
`4.21.1`	Low risk	0	2026-06-09
`4.21.0`	Low risk	0	2026-06-09
`4.19.0`	Low risk	0	2026-06-08
`4.18.0`	Low risk	0	2026-06-08
`4.17.2`	Low risk	0	2026-06-08
`4.17.1`	Low risk	0	2026-06-08
`4.17.0`	Low risk	0	2026-06-07
`4.16.2`	Low risk	0	2026-06-06
`4.16.1`	Low risk	0	2026-06-05
`4.16.0`	Low risk	0	2026-06-05
`4.15.0`	Low risk	0	2026-06-04
`4.14.1`	Low risk	0	2026-06-04
`4.13.0`	Low risk	0	2026-06-04
`4.14.0`	Low risk	0	2026-06-04
`4.12.0`	Low risk	0	2026-06-04
`4.11.0`	Low risk	0	2026-06-04
`4.10.0`	Low risk	0	2026-06-04
`4.8.0`	Low risk	0	2026-06-03
`4.9.0`	Low risk	0	2026-06-03
`4.7.0`	Low risk	0	2026-06-03
`4.5.0`	Low risk	0	2026-06-03
`4.6.0`	Low risk	0	2026-06-03
`4.2.2`	Low risk	0	2026-06-03
`4.3.0`	Low risk	0	2026-06-03
`4.2.0`	Low risk	0	2026-06-03
`4.1.1`	Low risk	0	2026-06-02
`4.1.0`	Low risk	0	2026-06-02
`4.0.4`	Low risk	0	2026-06-02
`4.0.3`	Low risk	0	2026-06-02
`4.0.2`	Low risk	0	2026-06-02
`4.0.1`	Low risk	0	2026-06-02
`4.0.0`	Low risk	0	2026-06-01
`3.41.0`	Low risk	0	2026-06-01
`3.39.0`	Low risk	0	2026-06-01
`3.40.0`	Low risk	0	2026-06-01
`3.38.0`	Low risk	0	2026-06-01
`3.37.0`	Low risk	0	2026-05-30
`3.36.0`	Low risk	0	2026-05-30
`3.35.2`	Low risk	0	2026-05-30
`3.35.1`	Low risk	0	2026-05-30
`3.35.0`	Low risk	0	2026-05-30
`3.34.0`	Low risk	0	2026-05-30
`3.33.1`	Low risk	0	2026-05-30
`3.33.0`	Low risk	0	2026-05-30
`3.32.0`	Low risk	0	2026-05-30
`3.31.0`	Low risk	0	2026-05-30
`3.30.0`	Low risk	0	2026-05-29
`3.29.0`	Low risk	0	2026-05-29
`3.28.3`	Low risk	0	2026-05-28
`3.28.2`	Low risk	0	2026-05-28
`3.28.0`	Low risk	0	2026-05-28
`3.28.1`	Low risk	0	2026-05-28
`3.25.0`	Review	24	2026-05-27
`3.26.0`	Review	16	2026-05-27
`3.21.1`	Review	16	2026-05-26
`3.21.2`	Review	16	2026-05-26
`3.18.1`	Review	24	2026-05-25
`3.18.0`	Review	24	2026-05-25
`3.17.1`	Review	24	2026-05-25

Block this in CI

PkgRadar gates baldart (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]

Start free — 25 scans / mo View full evidence