Trust signals
Why this verdict
PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.
- Versions published
- 1
- First published
- Jun 2026
- Publisher
- uladkasach
Recommended action
Looks clean — keep monitoringNo high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.
Block this release in CIcurl · GitHub Actions
Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer $PKGRADAR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'GitHub Actions step:
- name: PkgRadar gate
run: |
curl -fsS https://pkgradar.com/gate/npm \
-H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"specs":["[email protected]"],"fail_on":"review"}'Why flagged
What the scanner saw
No high-signal static finding in the saved report.
Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.
Availability ledger
available
Status history (1 event)
- new → available · risk low · score 0 · status changed
Evidence
Static findings
No findings stored for this release.
Manifest
Package metadata
Scripts31
buildnpm run build:clean && npm run build:compile && npm run build:complete --if-presentbuild:cleannpm run build:clean:tsc && npm run build:clean:bunbuild:clean:bunrm -f ./bin/*.bcbuild:clean:tsc(chmod -R u+w dist 2>/dev/null || true) && rm -rf dist/build:compilenpm run build:compile:tsc && npm run build:compile:bun --if-presentbuild:compile:tsctsc -p ./tsconfig.build.json && tsc-alias -p ./tsconfig.build.jsonbuild:tstsc -p ./tsconfig.build.jsoncommit:with-clinpx czfixnpm run fix:format && npm run fix:lintfix:formatnpm run fix:format:biomefix:format:biomebiome check --writefix:lintbiome check --writepostversiongit push origin HEAD --tags --no-verifyprepare:huskyhusky install && chmod ug+x .husky/*prepare:rhachetnpm run build && rhachet init --hooks --roles mechanic behaver driver reviewer librarian ergonomist architect reflector dreamerprepublishnpm run buildprepushnpm run test && npm run buildpreversionnpm run prepushtestnpm run test:commits && npm run test:types && npm run test:format && npm run test:lint && npm run test:unit && npm run test:integration && npm run test:acceptance:locallytest:acceptancenpm run build && jest -c ./jest.acceptance.config.ts --forceExit --verbose --runInBand --passWithNoTests $([ -n $RESNAP ] && echo '--updateSnapshot')test:acceptance:locallynpm run build && LOCALLY=true jest -c ./jest.acceptance.config.ts --forceExit --verbose --runInBand --passWithNoTests $([ -n $RESNAP ] && echo '--updateSnapshot')test:commitsLAST_TAG=$(git describe --tags --abbrev=0 @^ 2> /dev/null || git rev-list --max-parents=0 HEAD) && npx commitlint --from $LAST_TAG --to HEAD --verbosetest:formatnpm run test:format:biometest:format:biomebiome formattest:integrationjest -c ./jest.integration.config.ts --forceExit --verbose --passWithNoTests $([ -z $THOROUGH ] && echo '--changedSince=main') $([ -n $RESNAP ] && echo '--updateSnapshot')test:lintnpm run test:lint:biome && npm run test:lint:depstest:lint:biomebiome check --diagnostic-level=errortest:lint:biome:allbiome checktest:lint:depsnpx depcheck -c ./.depcheckrc.ymltest:typestsc -p ./tsconfig.json --noEmit- …and 1 more.
Dependencies9
domain-objects0.31.9helpful-errors1.5.3iso-price1.1.1openai5.8.2rhachet-artifact1.0.1rhachet-artifact-git1.1.5rhachet-roles-bhrain0.27.8type-fns1.21.0zod4.3.4