PkgRadar

npm · registry.npmjs.org

gm-skill

Remote Payload: matched "github.com/AnEntrypoint/plugkit-bin/releases/download"

Why PkgRadar flagged 2.0.1413

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/AnEntrypoint/plugkit-bin/releases/download" · package/lib/skill-bootstrap.js

Scanned versions

VersionVerdictScoreScanned (UTC)
2.0.1561Low risk02026-06-16
2.0.1560Low risk02026-06-16
2.0.1559Low risk02026-06-15
2.0.1558Low risk02026-06-15
2.0.1557Low risk02026-06-15
2.0.1556Low risk02026-06-14
2.0.1555Low risk02026-06-14
2.0.1554Low risk02026-06-14
2.0.1553Low risk02026-06-14
2.0.1552Low risk02026-06-14
2.0.1551Low risk02026-06-14
2.0.1550Low risk02026-06-12
2.0.1549Low risk02026-06-12
2.0.1548Low risk02026-06-11
2.0.1547Low risk02026-06-11
2.0.1546Low risk02026-06-11
2.0.1545Low risk02026-06-11
2.0.1544Low risk02026-06-11
2.0.1543Low risk02026-06-10
2.0.1542Low risk02026-06-10
2.0.1541Low risk02026-06-10
2.0.1297Low risk02026-06-10
2.0.1298Low risk02026-06-10
2.0.1299Low risk02026-06-10
2.0.1540Low risk02026-06-10
2.0.1539Low risk02026-06-08
2.0.1538Low risk02026-06-07
2.0.1537Low risk02026-06-07
2.0.1536Low risk02026-06-07
2.0.1535Low risk02026-06-07
2.0.1534Low risk02026-06-07
2.0.1533Low risk02026-06-07
2.0.1532Low risk02026-06-06
2.0.1531Low risk02026-06-05
2.0.1530Low risk02026-06-04
2.0.1529Low risk02026-06-04
2.0.1526Low risk02026-06-04
2.0.1525Low risk02026-06-04
2.0.1523Low risk02026-06-04
2.0.1522Low risk02026-06-03
2.0.1521Low risk02026-06-02
2.0.1520Low risk02026-06-02
2.0.1519Low risk02026-06-02
2.0.1517Low risk02026-06-02
2.0.1518Low risk02026-06-02
2.0.1515Low risk02026-06-02
2.0.1516Low risk02026-06-02
2.0.1512Low risk02026-06-02
2.0.1511Low risk02026-06-02
2.0.1509Low risk02026-06-01
2.0.1508Low risk02026-06-01
2.0.1507Low risk02026-06-01
2.0.1506Low risk02026-05-31
2.0.1504Low risk02026-05-29
2.0.1505Low risk02026-05-29
2.0.1503Low risk02026-05-29
2.0.1501Low risk02026-05-29
2.0.1502Low risk02026-05-29
2.0.1500Low risk02026-05-29
2.0.1498Low risk02026-05-28
2.0.1499Low risk02026-05-28
2.0.1485Low risk02026-05-27
2.0.1484Low risk02026-05-27
2.0.1439Low risk02026-05-26
2.0.1440Low risk02026-05-26
2.0.1437Low risk02026-05-26
2.0.1436Low risk02026-05-26
2.0.1435Low risk02026-05-25
2.0.1433Low risk02026-05-25
2.0.1434Low risk02026-05-25
2.0.1429Low risk02026-05-25
2.0.1428Low risk02026-05-25
2.0.1413Review62026-05-25
2.0.1412Review62026-05-25
2.0.1407Low risk02026-05-25
2.0.1406Low risk02026-05-25
2.0.1404Low risk02026-05-25
2.0.1403Low risk02026-05-25
2.0.1402Review482026-05-24
2.0.1401Review482026-05-24
2.0.1400Review482026-05-24
2.0.1399Review482026-05-24
2.0.1398Review482026-05-24
2.0.1397Review482026-05-24
2.0.1396Review482026-05-24
2.0.1395Review482026-05-24
2.0.1394Review482026-05-24
2.0.1393Review482026-05-24
2.0.1392Review482026-05-24
2.0.1391Review482026-05-24
2.0.1390Review482026-05-24
2.0.1389Review482026-05-24
2.0.1388Review482026-05-24
2.0.1387Review482026-05-24
2.0.1386Review482026-05-24
2.0.1385Review482026-05-24
2.0.1384Review482026-05-24
2.0.1383Review482026-05-24
2.0.1381Review482026-05-24
2.0.1382Review482026-05-24

Block this in CI

PkgRadar gates gm-skill (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence