Package evidence

@mkbabb/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads: 358
Versions published: 15Established · −30% score
First published: Jul 2024
Publisher: mkbabb

Effective trust discount applied: −30% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@mkbabb/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@mkbabb/[email protected]"],"fail_on":"review"}'

Publishermkbabb

Artifact bytes107,313

Previous version4.2.0

Published2026-06-16T18:54:24.893Z

SHA-256b0e76b19dbdaa174e7dfe8ea6697b8bbaed7f17a28b8744c7110dfcfb15a6f77

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low

28h agoLast checked

lowRisk

0Score

4.3.0Version

Status history (1 event)

new → available28h ago · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts146

benchvitest bench
bench:color-fidelityvitest run test/color-fidelity.test.ts && node scripts/color-fidelity-harness.mjs
buildnpm run build:lib
build:libvite build --mode production
build:watchvite build --watch --mode production
checktsc --noEmit
check:libtsc --noEmit -p tsconfig.lib.json
devvite
dev:playgroundvite --mode playground
gen:agent-surfacenode scripts/gen-agent-surface.mjs
gh-pagesvite build --mode gh-pages
preparenpm run build:lib
proof:adapter-capturevitest run test/adapter-capture.test.ts
proof:adopt-compilednode scripts/proof-adopt-compiled.mjs && vitest run test/adopt-compiled.test.ts
proof:agent-surfacenode scripts/proof-agent-surface.mjs
proof:allnpm run proof:correctness && npm run proof:hygiene
proof:amiga-subject-is-pivotnode scripts/proof-amiga-subject-is-pivot.mjs
proof:appearance-suffusionnode scripts/proof-appearance-suffusion.mjs
proof:asset-store-singletonvitest run test/asset-store-singleton.test.ts
proof:bench-runsnode scripts/proof-bench-runs.mjs
proof:bezier-grownnode scripts/proof-bezier-grown.mjs
proof:bezier-no-scrollnode scripts/proof-bezier-no-scroll.mjs
proof:bezier-single-cardnode scripts/proof-bezier-single-card.mjs
proof:blendnode scripts/proof-blend.mjs && vitest run test/blend.test.ts
proof:boundarynode scripts/proof-boundary.mjs
proof:brittlenessnode scripts/proof-brittleness.mjs
proof:browsernode scripts/proof-browser.mjs
proof:card-rounded-primitivenode scripts/proof-card-rounded-primitive.mjs
proof:cartoon-is-panel-depthnode scripts/proof-cartoon-is-panel-depth.mjs
proof:cartoon-shadow-unclippednode scripts/proof-cartoon-shadow-unclipped.mjs
…and 116 more.

Dependencies2

@mkbabb/parse-that^0.9.0
@mkbabb/value.js^0.13.0

Optional dependencies1

@mkbabb/glass-ui~4.0.0