npm · registry.npmjs.org
vikit-cli
Large Javascript Payload: 3620036 bytes
Why PkgRadar flagged 1.0.6
| Severity | Signal | Evidence |
|---|---|---|
| medium | Large Javascript Payload | 3620036 bytes · package/dist/index.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.1.0-dev.1 | Low risk | 0 | 2026-06-16 |
1.0.9 | Low risk | 0 | 2026-06-05 |
1.0.8 | Low risk | 0 | 2026-06-02 |
1.0.6 | Review | 10 | 2026-05-25 |
1.0.7 | Review | 10 | 2026-05-25 |
Related campaigns
- manha.nguyen.work — 2 releases, max score 44
- install_lifecycle_remote_or_exec:prepare="node -e \"try{require('child_process').execsync('git rev-parse --git-dir',{stdio:'ignore'});require('child_process').execsync('bash .githooks/install.sh',{stdio:'inherit'})}catch(e){console.warn('[i] hook install skipped:',e.message)}\"" — 2 releases, max score 44
- install_lifecycle_remote_or_exec:prepare="node -e \"try{require('child_process').execSync('git rev-parse --git-dir',{stdio:'ignore'});require('child_process').execSync('bash .githooks/install.sh',{stdio:'inherit'})}catch(e){console.warn('[i] Hook install skipped:',e.message)}\"" — 2 releases, max score 44
Block this in CI
pkgradar gate --ecosystem npm [email protected]