npm · registry.npmjs.org
minipay-bot
Obfuscation Density: high encoded/escaped-token density
Why PkgRadar flagged 0.1.0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Obfuscation Density | high encoded/escaped-token density · package/contracts/lib/openzeppelin-contracts/package-lock.json |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/contracts/lib/forge-std/scripts/vm.py |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/contracts/lib/openzeppelin-contracts/lib/forge-std/scripts/vm.py |
| medium | Remote Payload | matched "wget " · package/contracts/lib/openzeppelin-contracts/.github/actions/setup/action.yml |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.1.0 | Review | 57 | 2026-05-25 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]