npm · registry.npmjs.org

orbitchat

Obfuscation Density: high encoded/escaped-token density

Why PkgRadar flagged 3.8.6

Severity	Signal	Evidence
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/assets/chunk-727SXJPM-Brj3ogyh.js
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/assets/flowDiagram-I6XJVG4X-areoWiLX.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`3.9.7`	Low risk	0	2026-06-09
`3.9.3`	Low risk	0	2026-06-08
`3.9.6`	Low risk	0	2026-06-08
`3.9.4`	Low risk	0	2026-06-01
`3.9.5`	Low risk	0	2026-06-01
`3.9.0`	Low risk	0	2026-05-31
`3.8.9`	Low risk	0	2026-05-30
`3.8.8`	Low risk	0	2026-05-29
`3.8.7`	Low risk	0	2026-05-28
`3.8.6`	Review	16	2026-05-27
`3.8.4`	Low risk	0	2026-05-24
`3.8.5`	Low risk	0	2026-05-24

Block this in CI

PkgRadar gates orbitchat (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]