PkgRadar

npm · registry.npmjs.org

create-presto

Remote Dependency Spec: dependencies.@base-ui/core="git+ssh://[email protected]:picaf/base-ui-js.git#main"

Why PkgRadar flagged 0.1.15

SeveritySignalEvidence
mediumRemote Dependency Specdependencies.@base-ui/core="git+ssh://[email protected]:picaf/base-ui-js.git#main" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.15Review122026-06-02
0.1.16Review122026-06-02

Block this in CI

PkgRadar gates create-presto (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence
create-presto — npm security scan | PkgRadar