Package evidence

@untitled-devs/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Versions published: 8
First published: May 2026
Publisher: inegm

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@untitled-devs/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@untitled-devs/[email protected]"],"fail_on":"review"}'

Publisherinegm

Artifact bytes210,266

Previous version1.0.2

Published2026-06-01T03:16:54.212Z

SHA-256283da69fc68649626a418e381b7aae1851ef9307a1e9e04335201f16a6fe635b

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low

16d agoLast checked

lowRisk

0Score

1.1.0Version

Status history (1 event)

new → available16d ago · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts83

allnpm run clean && npm run build && npm run check && npm test
buildnpm run visualizer:build && npm run build:cli
build:clinpm run check && node -e "require('fs').rmSync('dist', { recursive: true, force: true })" && tsc && node -e "require('fs').cpSync('apps/visualizer/dist', 'dist/visualizer', { recursive: true })"
changelognode scripts/release.mjs changelog
checknpm run type:check && npm run format:check
cleannode -e "['dist', '.nyc_output', 'output', 'coverage'].forEach(p => require('fs').rmSync(p, { recursive: true, force: true }))"
coverage:openopen-cli output/index.html
devtsc --watch
docscd apps/docs && npm run start
docs:buildcd apps/docs && npm run build
docs:installnpm --prefix apps/docs install
fixnpm run format && npm run lint:fix
formatprettier --write "apps/cli/src/**/*.ts" "apps/visualizer/src/**/*.{ts,tsx}" "packages/**/*.ts" "tests/**/*.ts" ".prettierrc"
format:checkprettier --check "apps/cli/src/**/*.ts" "apps/visualizer/src/**/*.{ts,tsx}" "packages/**/*.ts" "tests/**/*.ts" ".prettierrc"
landingcd apps/landing && npm run dev
landing:buildcd apps/landing && npm run build
landing:installnpm --prefix apps/landing install
linttsc --noEmit
lint:checktsc --noEmit
lint:fixtsc --noEmit && prettier --write "apps/cli/src/**/*.ts" "apps/visualizer/src/**/*.{ts,tsx}" "packages/**/*.ts" "tests/**/*.ts"
postbuildnode -e "require('fs').chmodSync('dist/apps/cli/src/index.js', 0o755)"
prepublishOnlynpm run build
releasenode scripts/release.mjs release
startnode dist/apps/cli/src/index.js
syncnpm run build && node dist/apps/cli/src/index.js sync
sync:claude:cursornpm run build && node dist/apps/cli/src/index.js sync-to --from claude --to cursor
sync:claude:gemininpm run build && node dist/apps/cli/src/index.js sync-to --from claude --to gemini
sync:claude:github-copilotnpm run build && node dist/apps/cli/src/index.js sync-to --from claude --to github-copilot
sync:claude:github-copilot-clinpm run build && node dist/apps/cli/src/index.js sync-to --from claude --to github-copilot-cli
sync:claude:openclawnpm run build && node dist/apps/cli/src/index.js sync-to --from claude --to openclaw
…and 53 more.

Dependencies4

chokidar^3.5.3
commander^11.1.0
prompts^2.4.2
ws^8.21.0