PkgRadar

npm · registry.npmjs.org

yonagi-blog-repo-img

Obfuscation Density: high encoded/escaped-token density

Why PkgRadar flagged 1.1.44

SeveritySignalEvidence
mediumObfuscation Densityhigh encoded/escaped-token density · package/js/Valine.min.js
mediumRemote Payloadmatched "curl " · package/.github/workflows/cloudflarepush.yml

Scanned versions

VersionVerdictScoreScanned (UTC)
1.1.46Low risk02026-06-01
1.1.45Low risk02026-06-01
1.1.44Review152026-05-27
1.1.43Review152026-05-26
1.1.41Review182026-05-25
1.1.42Review182026-05-25

Block this in CI

PkgRadar gates yonagi-blog-repo-img (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence