PkgRadar

npm · registry.npmjs.org

nextclaw

Remote Payload: matched "cUrl "

Why PkgRadar flagged 0.19.27

SeveritySignalEvidence
mediumRemote Payloadmatched "cUrl " · package/dist/cli/app/index.js

Scanned versions

VersionVerdictScoreScanned (UTC)
0.21.9Low risk02026-06-17
0.21.9-beta.1Low risk02026-06-17
0.21.9-beta.0Low risk02026-06-15
0.21.8Low risk02026-06-15
0.21.7Low risk02026-06-09
0.21.6Low risk02026-06-06
0.21.5Low risk02026-06-06
0.21.5-beta.0Low risk02026-06-06
0.21.4-beta.1Low risk02026-06-05
0.21.4-beta.0Low risk02026-06-03
0.21.3Low risk02026-06-03
0.21.2Low risk02026-06-03
0.21.2-beta.0Low risk02026-06-03
0.21.1Low risk02026-06-03
0.21.0Low risk02026-06-03
0.20.5Low risk02026-06-02
0.20.3Low risk02026-06-02
0.20.4Low risk02026-06-02
0.20.2Low risk02026-06-02
0.20.1Low risk02026-06-01
0.19.33Low risk02026-05-29
0.20.0Low risk02026-05-29
0.19.31Low risk02026-05-28
0.19.32Low risk02026-05-28
0.19.31-beta.6Low risk02026-05-28
0.19.31-beta.4Low risk02026-05-27
0.19.31-beta.5Low risk02026-05-27
0.19.31-beta.3Low risk02026-05-27
0.19.31-beta.2Low risk02026-05-26
0.19.31-beta.0Low risk02026-05-25
0.19.31-beta.1Low risk02026-05-25
0.19.27Review122026-05-24
0.19.28Review122026-05-24

Block this in CI

PkgRadar gates nextclaw (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence