Package evidence

@seqera/[email protected]

Remote Dependency Spec: dependencies.remark-yaml-to-table="github:seqeralabs/remark-yaml-to-table"

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads: 665
Versions published: 94
First published: Jan 2026
Publisher: GitHub ActionsTrusted automation · −70% score

Effective trust discount applied: −70% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Review before promoting

Mixed signals: the package has indicators worth reading before allowing the update in automated dependency flows.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@seqera/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@seqera/[email protected]"],"fail_on":"review"}'

PublisherGitHub Actions

Artifact bytes3,821,761

Previous version1.0.38

Published2026-05-26T22:05:06.020Z

SHA-256759af7bfd53514af246bf7b9987632fc0e87b2d1adf15d9e2c0df3fd57282ac0

Why flagged

What the scanner saw

Remote Dependency Spec: dependencies.remark-yaml-to-table="github:seqeralabs/remark-yaml-to-table"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

review

17d agoLast checked

reviewRisk

3Score

1.0.39-next.118Version

Status history (1 event)

new → available17d ago · risk review · score 3 · status changed

Evidence

Static findings

1 static · 0 from release diff · showing high-signal first.

Severity	Kind	Path	Detail	Points
medium	Remote Dependency Spec	package.json	dependencies.remark-yaml-to-table="github:seqeralabs/remark-yaml-to-table"	12

Manifest

Package metadata

Scripts4

buildtsc --build && node ../../scripts/copyUntypedFiles.js
build:watchtsc --build --watch
copy:watchnode ../../scripts/copyUntypedFiles.js --watch
watchrun-p -c copy:watch build:watch

Dependencies25

@docusaurus/core3.9.2
@docusaurus/plugin-content-blog3.9.2
@docusaurus/plugin-content-docs3.9.2
@docusaurus/plugin-content-pages3.9.2
@docusaurus/plugin-css-cascade-layers3.9.2
@docusaurus/plugin-debug3.9.2
@docusaurus/plugin-google-analytics3.9.2
@docusaurus/plugin-google-gtag3.9.2
@docusaurus/plugin-google-tag-manager3.9.2
@docusaurus/plugin-sitemap3.9.2
@docusaurus/plugin-svgr3.9.2
@docusaurus/theme-common3.9.2
@docusaurus/theme-search-algolia3.9.2
@docusaurus/types3.9.2
@seqera/docusaurus-theme-seqera1.0.39
@tailwindcss/oxide^4.1.17
docusaurus-plugin-llms^0.3.0
docusaurus-plugin-openapi-docs^4.5.1
docusaurus-remark-plugin-tab-blocks^3.1.0
docusaurus-theme-openapi-docs^4.5.1
docusaurus-theme-search-typesense^0.26.0
rehype-katex^7.0.1
remark-code-import^1.2.0
remark-math^6.0.0
remark-yaml-to-tablegithub:seqeralabs/remark-yaml-to-table