PkgRadar

npm · registry.npmjs.org

codeloop-mcp-server

Remote Payload: matched "curl "

Why PkgRadar flagged 0.1.51

SeveritySignalEvidence
mediumRemote Payloadmatched "curl " · package/dist/index.js
mediumRemote Payloadmatched "curl " · package/dist/runners/maestro_generator.js
mediumRemote Payloadmatched "curl " · package/dist/runners/maestro.js
mediumRemote Payloadmatched "curl " · package/dist/runners/window_manager.js

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.96Low risk02026-06-15
0.1.95Low risk02026-06-12
0.1.91Low risk02026-06-11
0.1.88Low risk02026-06-11
0.1.87Low risk02026-06-07
0.1.86Low risk02026-06-07
0.1.85Low risk02026-06-07
0.1.84Low risk02026-06-07
0.1.83Low risk02026-06-06
0.1.82Low risk02026-06-06
0.1.79Low risk02026-06-06
0.1.78Low risk02026-06-06
0.1.77Low risk02026-06-06
0.1.76Low risk02026-06-06
0.1.75Low risk02026-06-05
0.1.74Low risk02026-06-05
0.1.73Low risk02026-06-01
0.1.72Low risk02026-06-01
0.1.71Low risk02026-05-31
0.1.70Low risk02026-05-31
0.1.69Low risk02026-05-31
0.1.68Low risk02026-05-31
0.1.67Low risk02026-05-31
0.1.66Low risk02026-05-31
0.1.65Low risk02026-05-31
0.1.64Low risk02026-05-30
0.1.63Low risk02026-05-30
0.1.61Low risk02026-05-29
0.1.62Low risk02026-05-29
0.1.60Low risk02026-05-29
0.1.57Low risk02026-05-29
0.1.56Low risk02026-05-29
0.1.55Low risk02026-05-25
0.1.54Low risk02026-05-25
0.1.53Low risk02026-05-25
0.1.52Low risk02026-05-25
0.1.51Review482026-05-24
0.1.50Review362026-05-24

Block this in CI

PkgRadar gates codeloop-mcp-server (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence