npm · registry.npmjs.org
gramene-search
Remote Payload: matched "curl "
Why PkgRadar flagged 2.1.10
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · package/.claude/settings.local.json |
| medium | Large Javascript Payload | 19128141 bytes · package/src/static/jbrowse2.umd.dev.js |
| medium | Large Javascript Payload | 8721207 bytes · package/sorghum/sorghum.4d3065de.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.6.0 | Low risk | 0 | 2026-06-08 |
2.5.3 | Low risk | 0 | 2026-06-06 |
2.5.2 | Low risk | 0 | 2026-06-05 |
2.5.1 | Low risk | 0 | 2026-06-05 |
2.5.0 | Low risk | 0 | 2026-06-05 |
2.4.0 | Low risk | 0 | 2026-06-05 |
2.3.0 | Low risk | 0 | 2026-06-04 |
2.2.0 | Low risk | 0 | 2026-06-02 |
2.1.11 | Low risk | 0 | 2026-05-28 |
2.1.10 | Review | 9 | 2026-05-27 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]