PkgRadar

Package evidence

@openanalystinc/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
569
Versions published
41
First published
Apr 2026
Publisher
anit-10x

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@openanalystinc/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@openanalystinc/[email protected]"],"fail_on":"review"}'
Publisheranit-10x
Artifact bytes230,710
Previous version2.0.44
Published2026-05-27T11:20:22.008Z
SHA-25681f538b8794caa8f5037bfa49e72eb1e164a337f6ed55ec6a742c4b2ef8f3947

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
2.0.45Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts5
  • buildnpm --prefix ink-tui run build && cargo build --manifest-path rust/Cargo.toml -p openanalyst-cli
  • release:checknpm run typecheck && npm --prefix ink-tui run test -- --run src/utils/credential-manager.test.ts src/contexts/keypress-context.test.tsx src/components/permission-dialog.test.tsx && cargo test --manifest-path rust/Cargo.toml -p runtime mcp_bridge --lib && cargo test --manifest-path rust/Cargo.toml -p api provider_client --tests && npm run test:package
  • testnpm --prefix ink-tui run test && cargo test --manifest-path rust/Cargo.toml --workspace
  • test:packagecargo build --manifest-path rust/Cargo.toml -p openanalyst-cli && node scripts/test-cli-launcher.js && node scripts/test-local-package-e2e.js
  • typechecknpm --prefix ink-tui run typecheck && cargo check --manifest-path rust/Cargo.toml -p runtime -p orchestrator -p api -p commands -p openanalyst-cli
Dependencies19
  • ansi-escapes^7.3.0
  • chalk^4.1.2
  • cli-spinners^2.9.2
  • clipboardy~5.2.0
  • color-convert^2.0.1
  • diff^8.0.3
  • fzf^0.5.2
  • highlight.js^11.11.1
  • inknpm:@jrichman/[email protected]
  • ink-gradient^3.0.0
  • ink-spinner^5.0.0
  • lowlight^3.3.0
  • react^19.2.0
  • shell-quote^1.8.3
  • sql.js^1.14.1
  • string-width^8.1.0
  • strip-ansi^7.1.0
  • tinygradient^1.1.5
  • zod^3.23.8
Optional dependencies7
  • @openanalystinc/openanalyst-cli-darwin-arm642.0.45
  • @openanalystinc/openanalyst-cli-darwin-x642.0.45
  • @openanalystinc/openanalyst-cli-linux-arm642.0.45
  • @openanalystinc/openanalyst-cli-linux-x642.0.45
  • @openanalystinc/openanalyst-cli-win32-arm642.0.45
  • @openanalystinc/openanalyst-cli-win32-x642.0.45
  • @playwright/mcp^0.0.70