PkgRadar

npm · registry.npmjs.org

sourceflow-tracker

Remote Dependency Spec: dependencies.ltidisafe="https://storage.googleapis.com/lscunpentest/pack_ux_foundry.tgz"

Why PkgRadar flagged 99.91.9

SeveritySignalEvidence
highRemote Dependency Specdependencies.ltidisafe="https://storage.googleapis.com/lscunpentest/pack_ux_foundry.tgz" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
99.91.9High risk122026-06-03

Block this in CI

PkgRadar gates sourceflow-tracker (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence