npm · registry.npmjs.org
openfox
Remote Payload: matched "curl "
Why PkgRadar flagged 2.0.0-beta.4
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · package/dist/pwa-76XP2DY2.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.0.0-beta.4 | Review | 11 | 2026-06-16 |
2.0.0-beta.3 | Review | 11 | 2026-06-16 |
2.0.0-beta.2 | Review | 11 | 2026-06-15 |
2.0.0-beta.1 | Review | 17 | 2026-06-15 |
2.0.0-beta.0 | Review | 11 | 2026-06-14 |
1.6.103 | Review | 17 | 2026-06-12 |
1.6.102 | Review | 17 | 2026-06-12 |
1.6.101 | Review | 17 | 2026-06-10 |
1.6.100 | Review | 17 | 2026-06-10 |
1.6.99 | Review | 17 | 2026-06-09 |
1.6.98 | Review | 17 | 2026-06-09 |
1.6.97 | Review | 17 | 2026-06-09 |
1.6.96 | Review | 17 | 2026-06-08 |
1.6.95 | Review | 12 | 2026-06-08 |
1.6.94 | Review | 12 | 2026-06-07 |
1.6.93 | Review | 12 | 2026-05-27 |
1.6.92 | Review | 12 | 2026-05-27 |
1.6.90 | Review | 42 | 2026-05-24 |
1.6.91 | Review | 42 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]