PkgRadar

Package evidence

@velocity-exchange/[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads
107
Versions published
1
First published
May 2026
Publisher
illumenati

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@velocity-exchange/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@velocity-exchange/[email protected]"],"fail_on":"review"}'
Publisherillumenati
Artifact bytes613,254
Previous versionnone
Published2026-05-19T03:09:46.885Z
SHA-256ab1f55a4e6ae335098991c18c146b55a8b66c375df29fd86f8316ffa9937aa89

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low
Last checked
lowRisk
0Score
0.0.1Version
Status history (1 event)
  1. newavailable · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts13
  • buildbun run clean && tsc
  • build-and-packbun run build && npm pack
  • circular-depsbunx madge --circular --circular --extensions ts,tsx src
  • cleanrm -rf lib
  • prepublishOnlybun run build
  • testnpx mocha -r ts-node/register 'tests/**/*.ts' --ignore 'tests/drift/**/*.ts' --exit
  • test:cimocha -r ts-node/register 'tests/**/*.ts' --ignore 'tests/drift/**/*.ts' --silent
  • test:debugnode --inspect-brk --inspect=2234 node_modules/.bin/jest --runInBand
  • test:driftnpx mocha -r ts-node/register 'tests/drift/**/*.ts' --exit
  • update-drift-errorsnode src/scripts/update-drift-error-codes.js
  • update-jup-errorsnode src/scripts/update-jup-error-codes.js
  • update-sdknode scripts/update-sdk.js
  • watchbun run clean && tsc --watch
Dependencies13
  • @solana/spl-token0.4.14
  • @solana/web3.js1.98.0
  • @velocity-exchange/sdk0.0.1
  • bcryptjs-react2.4.6
  • cerializr3.1.4
  • dotenv17.4.2
  • immer10.0.3
  • ioredis5.4.1
  • isomorphic-ws5.0.0
  • localstorage-memory1.0.3
  • rxjs7.8.2
  • tiny-invariant1.3.1
  • tweetnacl1.0.3