Trust signals
Why this verdict
PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.
- Versions published
- 254
- First published
- Mar 2026
- Publisher
- ericswann
Recommended action
Block this updateStatic evidence trips multiple high-signal indicators. Quarantine the release until the publisher validates the change or you can rule out the indicators below.
Block this release in CIcurl · GitHub Actions
Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer $PKGRADAR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"high"}'GitHub Actions step:
- name: PkgRadar gate
run: |
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"high"}'Why flagged
What the scanner saw
Credential file access: matched ".npmrc"
Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.
Availability ledger
available
Status history (4 events)
- available → available · risk high · score 96 · status available -> available, risk high -> high, score 108 -> 96
- available → available · risk high · score 108 · status available -> available, risk high -> high, score 133 -> 108
- available → available · risk high · score 133 · status available -> available, risk high -> high, score 315 -> 133
- new → available · risk high · score 315 · status changed
Related candidates
Linked campaigns and clusters
ericswann
7 members · evidence strength 84Install-time lifecycle script — postinstall="node scripts/prune-native-binaries.mjs && node scripts/post-install-notice.mjs && node scripts/post-install-bootstrap.mjs"
7 members · evidence strength 90Evidence
Static findings
28 static · 0 from release diff · showing high-signal first.
No high-signal findings — see all findings below.
Show all 28 findings (low-signal and informational)
| Severity | Kind | Path | Detail | Points |
|---|---|---|---|---|
| low | Credential file access | package/dist/src/cli/spells/core/bwrap-sandbox.js | matched ".npmrc" | 5 |
| low | Credential file access | package/dist/src/cli/spells/core/docker-sandbox.js | matched ".npmrc" | 5 |
| low | Credential file access | package/dist/src/cli/transfer/storage/gcs.js | matched "GOOGLE_APPLICATION_CREDENTIALS" | 5 |
| low | Credential file access | package/dist/src/cli/spells/core/sandbox-profile.js | matched ".npmrc" | 5 |
| low | Credential file access | package/bin/lib/pii-scrub.mjs | matched "GITHUB_TOKEN" | 5 |
| low | Install-time lifecycle script | package.json | postinstall="node scripts/prune-native-binaries.mjs && node scripts/post-install-notice.mjs && node scripts/post-install-bootstrap.mjs" | 5 |
| low | Obfuscation | package/.claude/helpers/statusline.cjs | matched "\\x1b" | 3 |
| low | Obfuscation | package/dist/src/cli/guidance/analyzer.js | matched "eval(" | 3 |
| low | Obfuscation | package/dist/src/cli/spells/core/capability-disclosure.js | matched "\\u2726" | 3 |
| low | Obfuscation | package/dist/src/cli/movector/coverage-router.js | matched "\\x00" | 3 |
| low | Obfuscation | package/dist/src/cli/spells/core/credential-validation.js | matched "Buffer.from(b64, 'base64" | 3 |
| low | Obfuscation | package/dist/src/cli/services/daemon-dashboard.js | matched "\\u2192" | 3 |
| low | Obfuscation | package/dist/src/cli/commands/daemon.js | matched "\\x00" | 3 |
| low | Obfuscation | package/dist/src/cli/spells/connectors/graph.js | matched "\\u0000" | 3 |
| low | Obfuscation | package/dist/src/cli/init/helpers-generator.js | matched "\\x1b" | 3 |
| low | Obfuscation | package/dist/src/cli/commands/hooks.js | matched "\\x1b" | 3 |
| low | Obfuscation | package/dist/src/cli/hooks/statusline/index.js | matched "\\x1b" | 3 |
| low | Obfuscation | package/dist/src/cli/shared/security/input-validation.js | matched "\\x00" | 3 |
| low | Obfuscation | package/dist/src/cli/commands/neural.js | matched "eval(" | 3 |
| low | Obfuscation | package/dist/src/cli/output.js | matched "\\x1b" | 3 |
| low | Obfuscation | package/dist/src/cli/spells/core/prerequisite-checker.js | matched "\\x1b" | 3 |
| low | Obfuscation | package/dist/src/cli/spells/commands/prompt-command.js | matched "\\x1b" | 3 |
| low | Obfuscation | package/dist/src/cli/prompt.js | matched "\\x1b" | 3 |
| low | Obfuscation | package/dist/src/cli/memory/rvf-backend.js | matched "fromCharCode" | 3 |
| low | Obfuscation | package/dist/src/cli/commands/security.js | matched "eval(" | 3 |
| low | Obfuscation | package/dist/src/cli/commands/status.js | matched "\\x1b" | 3 |
| low | Obfuscation | package/dist/src/cli/aidefence/domain/services/threat-detection-service.js | matched "\\u200B" | 3 |
| low | Obfuscation | package/.claude/helpers/auto-memory-hook.mjs | matched "\\x1b" | 3 |
Manifest
Package metadata
Scripts15
benchvitest run --config vitest.bench.config.tsbuildtscdevtsx watch src/cli/index.tsflonode bin/cli.jslinteslint src/ bin/ .claude/scripts/ --ext .ts,.tsx,.mts,.cts,.js,.mjs,.cjs --max-warnings 0postinstallnode scripts/prune-native-binaries.mjs && node scripts/post-install-notice.mjs && node scripts/post-install-bootstrap.mjsprebuildnode scripts/sync-version.mjs && node scripts/clean-dist.mjsprepublishOnlynpm run buildsecurity:auditnpm audit --omit=dev --audit-level highsecurity:fixnpm audit fixtestnode scripts/test-runner.mjstest:smokenode harness/consumer-smoke/run.mjstest:smoke:populatednode harness/consumer-smoke/run-populated.mjstest:uivitest --uiversionnode scripts/sync-version.mjs && git add src/cli/version.ts
Dependencies8
@anush008/tokenizers^0.6.0@modelcontextprotocol/sdk^1.0.0js-yaml^4.1.1lru-cache^11.3.5onnxruntime-node^1.24.3semver^7.7.4tar^7.5.11valibot^1.3.1