npm · registry.npmjs.org
sitepack-cli
Install Lifecycle Remote Or Exec: preinstall="node -e \"if(process.env.npm_execpath && !process.env.npm_execpath.includes('yarn') && !process.env.npm_execpath.includes('npm')) { console.error('Please use npm or yarn to install dependencies'); process.exit(1); }\""
Why PkgRadar flagged 1.0.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Remote Or Exec | preinstall="node -e \"if(process.env.npm_execpath && !process.env.npm_execpath.includes('yarn') && !process.env.npm_execpath.includes('npm')) { console.error('Please use npm or yarn to install dependencies'); process.exit(1); }\"" · package.json |
| medium | New Account With Lifecycle Hook | package first published 80 day(s) ago, 2 total version(s), has lifecycle hook · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.0.0 | High risk | 35 | 2026-06-13 |
1.1.0 | High risk | 35 | 2026-06-13 |
Campaign attribution
Block this in CI
pkgradar gate --ecosystem npm [email protected]