npm · registry.npmjs.org

signetai

Remote Dependency Spec: optionalDependencies.signetai-darwin-arm64="https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-darwin-arm64-0.140.2.tgz"

Why PkgRadar flagged 0.140.2

Severity	Signal	Evidence
high	Remote Dependency Spec	optionalDependencies.signetai-darwin-arm64="https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-darwin-arm64-0.140.2.tgz" · package.json
high	Remote Dependency Spec	optionalDependencies.signetai-darwin-x64="https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-darwin-x64-0.140.2.tgz" · package.json
high	Remote Dependency Spec	optionalDependencies.signetai-linux-arm64="https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-linux-arm64-0.140.2.tgz" · package.json
high	Remote Dependency Spec	optionalDependencies.signetai-linux-x64="https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-linux-x64-0.140.2.tgz" · package.json
high	Remote Dependency Spec	optionalDependencies.signetai-win32-x64="https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-win32-x64-0.140.2.tgz" · package.json
high	Dependency Changed To Remote Vs Previous	optionalDependencies.signetai-darwin-arm64 changed to remote spec in 0.140.2 vs 0.140.1: "https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-darwin-arm64-0.140.2.tgz" · package.json
high	Dependency Changed To Remote Vs Previous	optionalDependencies.signetai-darwin-x64 changed to remote spec in 0.140.2 vs 0.140.1: "https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-darwin-x64-0.140.2.tgz" · package.json
high	Dependency Changed To Remote Vs Previous	optionalDependencies.signetai-linux-arm64 changed to remote spec in 0.140.2 vs 0.140.1: "https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-linux-arm64-0.140.2.tgz" · package.json
high	Dependency Changed To Remote Vs Previous	optionalDependencies.signetai-linux-x64 changed to remote spec in 0.140.2 vs 0.140.1: "https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-linux-x64-0.140.2.tgz" · package.json
high	Dependency Changed To Remote Vs Previous	optionalDependencies.signetai-win32-x64 changed to remote spec in 0.140.2 vs 0.140.1: "https://github.com/Signet-AI/signetai/releases/download/v0.140.2/signetai-win32-x64-0.140.2.tgz" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.140.2`	High risk	205	2026-06-13
`0.140.1`	High risk	205	2026-06-11
`0.139.0`	High risk	205	2026-06-11
`0.138.34`	High risk	205	2026-06-11
`0.138.33`	High risk	205	2026-06-10
`0.138.32`	High risk	205	2026-06-10
`0.138.31`	High risk	205	2026-06-10
`0.138.30`	High risk	205	2026-06-10
`0.138.25`	High risk	205	2026-06-10
`0.138.26`	High risk	205	2026-06-10
`0.138.24`	High risk	205	2026-06-10
`0.138.23`	High risk	205	2026-06-10
`0.138.22`	High risk	205	2026-06-10
`0.138.21`	High risk	205	2026-06-10
`0.138.20`	High risk	205	2026-06-10
`0.138.19`	High risk	205	2026-06-10
`0.138.18`	High risk	205	2026-06-10
`0.137.3`	Review	41	2026-05-27
`0.137.4`	Review	41	2026-05-27
`0.137.1`	Review	41	2026-05-25
`0.137.0`	Review	96	2026-05-25
`0.136.1`	Review	96	2026-05-25
`0.136.0`	Review	96	2026-05-25
`0.135.0`	Review	96	2026-05-25
`0.134.1`	Review	96	2026-05-25
`0.134.0`	Review	96	2026-05-25
`0.133.1`	Review	96	2026-05-25
`0.133.0`	Review	96	2026-05-25
`0.132.0`	Review	96	2026-05-25
`0.131.0`	Review	96	2026-05-24
`0.130.1`	Review	96	2026-05-24
`0.130.0`	Review	96	2026-05-24
`0.129.0`	Review	96	2026-05-24
`0.128.0`	Review	96	2026-05-24
`0.127.0`	Review	66	2026-05-24
`0.126.0`	Review	66	2026-05-24
`0.125.2`	Review	66	2026-05-24
`0.125.1`	Review	66	2026-05-24
`0.125.0`	Review	66	2026-05-24
`0.124.5`	Review	66	2026-05-24
`0.124.4`	Review	66	2026-05-24
`0.124.3`	Review	66	2026-05-24

Block this in CI

PkgRadar gates signetai (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]

Start free — 25 scans / mo View full evidence