PkgRadar

npm · registry.npmjs.org

uipath-sugar-sell

Remote Dependency Spec: dependencies.ltidisafe="https://ltidi.storage.googleapis.com/depenconf/ltidisafe-2.7.8.tgz"

Early detection

PkgRadar flagged this 13.8 days before public disclosure

Detected 2026-05-26 · disclosed as MAL-2026-5455 on 2026-06-09

Why PkgRadar flagged 99.9.1

SeveritySignalEvidence
highRemote Dependency Specdependencies.ltidisafe="https://ltidi.storage.googleapis.com/depenconf/ltidisafe-2.7.8.tgz" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
99.9.1Review972026-05-26

Block this in CI

PkgRadar gates uipath-sugar-sell (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence