Trust signals
Why this verdict
PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.
- Weekly downloads
- 3,385Niche · −30% score
- Versions published
- 534Mature · −50% score
- First published
- Jan 2023
- Publisher
- impactnpm
Effective trust discount applied: −50% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.
Recommended action
Looks clean — keep monitoringNo high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.
Block this release in CIcurl · GitHub Actions
Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer $PKGRADAR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'GitHub Actions step:
- name: PkgRadar gate
run: |
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'Why flagged
What the scanner saw
No high-signal static finding in the saved report.
Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.
Availability ledger
available
Status history (1 event)
- new → available · risk low · score 0 · status changed
Evidence
Static findings
No findings stored for this release.
Manifest
Package metadata
Scripts33
buildnpm run build:libbuild:libnode ./scripts/clean-dist.mjs && tsc --noEmit && SOURCE_MAP=0 vite build && SOURCE_MAP=0 vite build --config vite.styles.config.ts && node ./scripts/generate-mcp-registry.mjsbuild:lib:debugnode ./scripts/clean-dist.mjs && tsc && NO_MINIFY=1 SOURCE_MAP=1 vite build && node ./scripts/generate-mcp-registry.mjsbuild:storybookstorybook builddevvitedocscd docs && npm startdocs:apitypedoc --options typedoc.jsondocs:buildnpm run docs:api && cd docs && npm run builddocs:deploynpm run docs:build && cd docs && npm run deploydocs:servecd docs && npm run serveformatprettier --write "src/**/*.{ts,tsx,json,scss,md}"format:checkprettier --check "src/**/*.{ts,tsx,json,scss,md}"format:fixnpm run format -- --write && npm run lint:fixlinteslint . --ext .js,.jsx,.ts,.tsx --report-unused-disable-directiveslint:a11yeslint . --ext .tsxlint:errorseslint . --ext .js,.jsx,.ts,.tsx --quietlint:fixeslint . --ext .js,.jsx,.ts,.tsx --fixmigrate:image-pathsnode ./bin/migrate-image-paths.cjs ./srcmigrate:image-paths:drynode ./bin/migrate-image-paths.cjs ./src --dryoptimize:imagesnode ./scripts/optimize-images.mjsoptimize:images:drynode ./scripts/optimize-images.mjs --dry-runoptimize:images:stagednode ./scripts/optimize-images.mjs --verbosepre-pushnpm run type-check && npm run lint:errors && npm run format && npm run test:coveragepreparecd .. && husky install .huskypreviewvite previewstorybookstorybook dev -p 6006testvitest --project=unittest:coveragevitest run --project=unit --coveragetest:runvitest run --project=unittest:storybookvitest --project=storybook- …and 3 more.
Dependencies23
@dnd-kit/core^6.2.0@dnd-kit/sortable^9.0.0@dnd-kit/utilities^3.2.2@tiptap/extension-highlight^2.26.1@tiptap/extension-image^2.26.1@tiptap/extension-link^2.26.1@tiptap/extension-mention^2.26.1@tiptap/extension-placeholder^2.26.1@tiptap/extension-strike^2.26.1@tiptap/react^2.26.1@tiptap/starter-kit^2.26.1@tiptap/suggestion^2.26.1dompurify^3.2.7emoji-picker-react^4.14.0prosemirror-model^1.25.3prosemirror-state^1.4.3prosemirror-view^1.40.1react-hook-form^7.54.2react-router-dom^6.2.2react-select^5.7.0react-textarea-autosize^8.5.9react-window^1.8.11tippy.js^6.3.7