Package evidence

[email protected]

Large Javascript Payload: 11818599 bytes

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads: 2
Versions published: 2
First published: Feb 2024
Publisher: help_desk

Recommended action

Review before promoting

Mixed signals: the package has indicators worth reading before allowing the update in automated dependency flows.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["[email protected]"],"fail_on":"review"}'

Publisherhelp_desk

Artifact bytes6,966,021

Previous versionnone

Published2024-02-12T17:28:25.375Z

SHA-25618b24c8c8caeba6d10fa9c5da5e4a6bef346ee7db8045a88929f5475edd642cd

Why flagged

What the scanner saw

Large Javascript Payload: 11818599 bytes

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

review

10d agoLast checked

reviewRisk

20Score

0.0.1Version

Status history (1 event)

new → available10d ago · risk review · score 20 · status changed

Evidence

Static findings

2 static · 0 from release diff · showing high-signal first.

Severity	Kind	Path	Detail	Points
medium	Large Javascript Payload	package/dist/cjs/index.js	11818599 bytes	10
medium	Large Javascript Payload	package/dist/esm/index.js	11787546 bytes	10

Manifest

Package metadata

Scripts8

buildtsc --build && npm run copyimage
buildtailwindtailwindcss build src/style/index.css -o src/style/index.tailwind.css
cleartsdel /f "dist/style/*.ts"
copycssxcopy "src/style" "dist/style" /d /r /s
copyimagexcopy "src/image" "dist/image" /d /r /s
rollup-build-librollup -c
starttsdx watch
testtsdx test

Dependencies63

@0xsequence/token-directory^1.1.14
@ethersproject/providers^5.7.2
@moralisweb3/common-evm-utils^2.23.1
@nextui-org/react^1.0.0-beta.12
@rainbow-me/rainbowkit^1.0.10
@testing-library/jest-dom^5.16.5
@testing-library/react^13.4.0
@testing-library/user-event^13.5.0
@types/axios^0.14.0
@types/file-type^10.9.1
@types/jest^27.5.2
@types/jquery^3.5.19
@types/node^16.18.14
@types/react^18.2.22
@types/react-dom^18.0.11
@types/react-native^0.72.2
@types/react-slick^0.23.10
@types/swipe^2.0.28
@types/swiper^6.0.0
@uniswap/widgets^2.47.3
@wagmi/chains^1.8.0
@walletconnect/utils^2.10.0
@web3-react/core^6.1.9
@web3-react/injected-connector^6.0.7
@web3-react/walletconnect-connector^6.2.13
alchemy-sdk^2.10.1
antd^5.3.2
axios^1.3.4
bignumber.js4.0.4
buffer^6.0.3
…and 33 more.