PkgRadar

npm · registry.npmjs.org

coral-wraith

New Account With Lifecycle Hook: package first published 0 day(s) ago, 5 total version(s), has lifecycle hook

Why PkgRadar flagged 1.0.4

SeveritySignalEvidence
highNew Account With Lifecycle Hookpackage first published 0 day(s) ago, 5 total version(s), has lifecycle hook · package.json
mediumSuspicious Publish Context{"package_age_days":0,"publisher":"malwguy","burst_same_day":9,"burst_week":9,"lure":null,"version_anomaly":false}

Scanned versions

VersionVerdictScoreScanned (UTC)
6.0.0Review202026-06-12
5.0.3Review202026-06-12
5.0.2Review202026-06-12
5.0.1Review202026-06-12
3.0.0Review202026-06-12
4.0.0Review202026-06-12
2.0.4Review202026-06-12
2.0.3Review202026-06-12
2.0.2Review202026-06-12
2.0.1Review202026-06-12
2.0.0Review202026-06-12
1.0.14Review202026-06-12
1.0.13Review152026-06-12
1.0.12Review202026-06-12
1.0.11Review202026-06-12
1.0.10Review202026-06-11
1.0.9Review202026-06-11
1.0.8Review202026-06-11
1.0.7Review202026-06-11
1.0.6Review202026-06-11
1.0.5Review202026-06-11
1.0.4High risk202026-06-11
1.0.3High risk202026-06-11
1.0.1High risk202026-06-11
1.0.2High risk202026-06-11
1.0.0High risk152026-06-11

Related campaigns

Block this in CI

PkgRadar gates coral-wraith (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence