npm · registry.npmjs.org
foliko
Remote Payload: matched "raw.githubusercontent.com"
Why PkgRadar flagged 1.1.8
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/plugins/plugin-manager-plugin.js |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/cli/src/commands/plugin.js |
| medium | Remote Payload | matched "curl " · package/install.sh |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.1.8 | Review | 25 | 2026-06-10 |
1.1.6 | Review | 25 | 2026-06-10 |
1.1.5 | Review | 27 | 2026-06-10 |
1.1.83 | Review | 25 | 2026-06-10 |
1.1.82 | Review | 25 | 2026-06-09 |
1.1.81 | Review | 25 | 2026-06-09 |
1.1.80 | Review | 36 | 2026-06-09 |
1.1.79 | Review | 36 | 2026-06-09 |
1.1.78 | Review | 36 | 2026-06-09 |
1.1.77 | Review | 36 | 2026-06-08 |
1.1.76 | Review | 36 | 2026-06-02 |
1.1.75 | Review | 36 | 2026-05-30 |
1.1.73 | Review | 25 | 2026-05-29 |
1.1.72 | Review | 36 | 2026-05-29 |
1.1.71 | Review | 25 | 2026-05-29 |
1.1.69 | Review | 25 | 2026-05-29 |
1.1.70 | Review | 25 | 2026-05-29 |
1.1.68 | Review | 35 | 2026-05-25 |
1.1.66 | Review | 25 | 2026-05-25 |
1.1.67 | Review | 35 | 2026-05-25 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]