npm · registry.npmjs.org
create-dwy
Remote Payload: matched "curl "
Why PkgRadar flagged 0.13.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · package/templates/claude-global/skills/元工具/dwy-claude-code-features/scripts/refresh_docs.py |
| medium | Remote Payload | matched "curl " · package/templates/claude-global/skills/运维发布/dwy-deploy-audit/scripts/check_base.sh |
| medium | Remote Payload | matched "curl " · package/templates/claude-global/skills/运维发布/dwy-deploy-audit/scripts/check_db.sh |
| medium | Remote Payload | matched "curl " · package/templates/claude-global/skills/运维发布/dwy-deploy-audit/scripts/check_https.sh |
| medium | Remote Payload | matched "curl " · package/templates/claude-global/skills/运维发布/dwy-deploy-audit/scripts/check_nginx.sh |
| medium | Remote Payload | matched "curl " · package/templates/claude-global/skills/运维发布/dwy-deploy-audit/scripts/check_services.sh |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.14.6 | Low risk | 0 | 2026-06-15 |
0.14.5 | Low risk | 0 | 2026-06-15 |
0.14.4 | Low risk | 0 | 2026-06-15 |
0.14.3 | Low risk | 0 | 2026-06-15 |
0.14.2 | Low risk | 0 | 2026-06-14 |
0.14.1 | Low risk | 0 | 2026-06-12 |
0.14.0 | Low risk | 0 | 2026-06-12 |
0.13.8 | Low risk | 0 | 2026-06-12 |
0.13.7 | Low risk | 0 | 2026-06-12 |
0.13.6 | Low risk | 0 | 2026-06-12 |
0.13.5 | Low risk | 0 | 2026-06-12 |
0.13.4 | Low risk | 0 | 2026-06-12 |
0.13.3 | Low risk | 0 | 2026-06-10 |
0.13.2 | Low risk | 0 | 2026-06-01 |
0.13.1 | Review | 85 | 2026-05-25 |
0.13.0 | Review | 150 | 2026-05-25 |
0.12.2 | Review | 150 | 2026-05-25 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]