PkgRadar

npm · registry.npmjs.org

termstream-npm

Known Indicator Filename: package/scripts/bundle.js

Why PkgRadar flagged 0.1.3

SeveritySignalEvidence
highKnown Indicator Filenamepackage/scripts/bundle.js · package/scripts/bundle.js
highInstall Lifecycle Remote Or Execpostinstall="node scripts/postinstall.js" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.4Review52026-05-30
0.1.2Review52026-05-30
0.1.3High risk802026-05-25

Block this in CI

PkgRadar gates termstream-npm (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence