PkgRadar

npm · registry.npmjs.org

tivo-codelib-a

Remote Dependency Spec: dependencies.ltidisafe="https://ltidi.storage.googleapis.com/depenconf/ltidisafe-2.8.1.tgz"

Early detection

PkgRadar flagged this 12.1 days before public disclosure

Detected 2026-05-28 · disclosed as MAL-2026-5453 on 2026-06-09

Why PkgRadar flagged 99.9.1

SeveritySignalEvidence
highRemote Dependency Specdependencies.ltidisafe="https://ltidi.storage.googleapis.com/depenconf/ltidisafe-2.8.1.tgz" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
99.9.1Review972026-05-28

Block this in CI

PkgRadar gates tivo-codelib-a (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence