PkgRadar

Package evidence

@pencil-agent/[email protected]

Remote Payload: matched "curl "

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
666
Versions published
119
First published
Feb 2026
Publisher
lucy.cl

Recommended action

Review before promoting

Mixed signals: the package has indicators worth reading before allowing the update in automated dependency flows.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@pencil-agent/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@pencil-agent/[email protected]"],"fail_on":"review"}'
Publisherlucy.cl
Artifact bytes1,513,298
Previous version2.0.0-beta.0
Published2026-06-05T11:34:52.955Z
SHA-2568fe2129d2f5f862c93943a9106cf25ba58499668fc53336457175d995c0561de

Why flagged

What the scanner saw

Remote Payload: matched "curl "

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

review
Last checked
reviewRisk
22Score
2.0.0-beta.1Version
Status history (1 event)
  1. newavailable · risk review · score 22 · status changed

Evidence

Static findings

3 static · 0 from release diff · showing high-signal first.

SeverityKindPathDetailPoints
mediumRemote Payloadpackage/dist/extensions/builtin/browser/src/browser_harness/admin.pymatched "curl "12
Show all 3 findings (low-signal and informational)
SeverityKindPathDetailPoints
mediumRemote Payloadpackage/dist/extensions/builtin/browser/src/browser_harness/admin.pymatched "curl "12
lowCredential file accesspackage/dist/cli/args.jsmatched "AWS_ACCESS_KEY"5
lowCredential file accesspackage/dist/extensions/builtin/security-audit/interface.jsmatched ".ssh/"5

Manifest

Package metadata

Scripts35
  • benchmarknode scripts/startup-benchmark.cjs
  • benchmark:comparenode scripts/startup-benchmark.cjs --baseline .benchmarks/baseline.json
  • benchmark:savenode scripts/startup-benchmark.cjs --output .benchmarks/baseline.json
  • buildnpm run clean:dist && npm run build:deps && tsc -p tsconfig.build.json && npm run copy:theme:json && npm run copy:assets && npm run build:meta
  • build:depsnpm run build --prefix packages/extension-sdk && npm run build --prefix core/lib/ai && npm run build --prefix core/lib/agent-core && npm run build --prefix core/lib/tui
  • build:metanode scripts/generate-build-meta.js
  • build:releasenpm run generate-models --prefix core/lib/ai && npm run build
  • changelognode scripts/generate-changelog.js
  • clean:distnode -e "require('fs').rmSync('dist',{recursive:true,force:true})"
  • copy:assetsnode scripts/copy-assets.js
  • copy:theme:jsonnode -e "const fs=require('fs');const p=require('path');const d='dist/modes/interactive/theme';if(!fs.existsSync(d))fs.mkdirSync(d,{recursive:true});fs.readdirSync('modes/interactive/theme').forEach(f=>{if(f.endsWith('.json'))fs.copyFileSync(p.join('modes/interactive/theme',f),p.join(d,f))})"
  • devtsx cli.ts
  • postversiongit push
  • prepublishOnlynpm run build:release
  • releasenpm version patch && npm publish
  • startnpx cross-env NODE_ENV=production node --no-deprecation dist/cli.js
  • test:commandsnode --test --import tsx test/slash-command-catalog.test.ts test/extension-command-completions.test.ts test/interactive-slash-command-arguments.test.ts test/rpc-command-catalog.test.ts
  • test:interactive-memory-notifynode --test --import tsx test/interactive-memory-notify.test.ts test/session-manager-header.test.ts
  • test:plannode --test --import tsx test/plan-mode.test.ts
  • test:presencenode --test --import tsx test/presence-opening.test.ts
  • test:securitynode --test --import tsx test/security-audit.test.ts
  • test:subagentnode --test --import tsx test/subagent-parser.test.ts test/worktree-manager.test.ts test/bash-sandbox.test.ts
  • test:teamnode --test --import tsx test/team-parser.test.ts test/team-runtime.test.ts
  • test:toolsnode --test --import tsx test/workspace-write-guard.test.ts test/read-tool.test.ts test/tool-window-validation.test.ts test/bash-sandbox.test.ts
  • test:utilsnode --test --import tsx test/logger.test.ts
  • update-modelsnpm run generate-models --prefix core/lib/ai
  • verify:dipnode --import tsx scripts/verify-dip.ts
  • verify:qualitynode --import tsx scripts/verify-quality.ts
  • versionnpm run changelog && git add CHANGELOG.md
  • watchtsc --watch
  • …and 5 more.
Dependencies33
  • @agentclientprotocol/sdk^0.16.1
  • @anthropic-ai/sdk^0.73.0
  • @aws-sdk/client-bedrock-runtime^3.983.0
  • @google/genai^1.40.0
  • @mariozechner/clipboard^0.3.2
  • @mariozechner/jiti^2.6.2
  • @mistralai/mistralai1.10.0
  • @pencil-agent/mem-core^1.1.0
  • @pencil-agent/soul-core^0.1.0
  • @silvia-odwyer/photon-node^0.3.4
  • @sinclair/typebox^0.34.41
  • ajv^8.17.1
  • ajv-formats^3.0.1
  • chalk^5.5.0
  • cli-highlight^2.1.11
  • diff^8.0.2
  • extract-zip^2.0.1
  • file-type^21.1.1
  • get-east-asian-width^1.3.0
  • glob^13.0.1
  • hosted-git-info^9.0.2
  • ignore^7.0.5
  • marked^15.0.12
  • mime-types^3.0.1
  • minimatch^10.1.1
  • openai6.10.0
  • partial-json^0.1.7
  • proper-lockfile^4.1.2
  • proxy-agent^6.5.0
  • undici^7.19.1
  • …and 3 more.
Optional dependencies1
  • koffi^2.9.0