npm · registry.npmjs.org
cyrus-mcp-tools
Install Lifecycle Remote Or Exec: postinstall="node -e \"try { require('fs').chmodSync('./dist/index.js', '755') } catch (e) {}\""
Why PkgRadar flagged 0.1.2
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Remote Or Exec | postinstall="node -e \"try { require('fs').chmodSync('./dist/index.js', '755') } catch (e) {}\"" · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.2.64-test.3 | Low risk | 0 | 2026-06-10 |
0.2.64-test.2 | Low risk | 0 | 2026-06-10 |
0.2.64-test.1 | Low risk | 0 | 2026-06-10 |
0.1.2 | High risk | 24 | 2026-06-10 |
0.2.0 | High risk | 24 | 2026-06-10 |
0.3.0 | High risk | 75 | 2026-06-10 |
0.2.64-test.0 | Low risk | 0 | 2026-06-10 |
0.2.63 | Low risk | 0 | 2026-06-09 |
0.2.62 | Low risk | 0 | 2026-06-02 |
0.2.61 | Low risk | 0 | 2026-06-01 |
0.2.60 | Low risk | 0 | 2026-05-29 |
0.2.59 | Low risk | 0 | 2026-05-29 |
0.2.57 | Low risk | 0 | 2026-05-27 |
0.2.58 | Low risk | 0 | 2026-05-27 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]