Package evidence

[email protected]

no findings

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads: 247
Versions published: 97Established · −30% score
First published: Sep 2025
Publisher: fernando-ram-lugo

Effective trust discount applied: −30% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Looks clean — keep monitoring

No high-signal indicators in the stored static report. PkgRadar will re-check on the next ingest pass.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["[email protected]"],"fail_on":"review"}'

Publisherfernando-ram-lugo

Artifact bytes71,207

Previous version0.1.98

Published2026-06-11T15:09:17.641Z

SHA-2566ebd8072db7d84c9ffd5642717e6f7c07eb2d11f6d208ccc96bf65dcc1f1aa3a

Why flagged

What the scanner saw

No high-signal static finding in the saved report.

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

low

2d agoLast checked

lowRisk

0Score

0.1.99Version

Status history (1 event)

new → available2d ago · risk low · score 0 · status changed

Evidence

Static findings

No findings stored for this release.

Manifest

Package metadata

Scripts16

buildbun run clean && bun run build:esm && bun run build:types && bun run copy:css
build-storybookstorybook build
build:esmbun build ./index.ts --outdir ./dist --format esm --target browser --external react --external react-dom --external react-markdown --external lucide-react --external react-zoom-pan-pinch --external remark-gfm --external rehype-raw --external rehype-highlight --external rehype-sanitize --external rehype-slug --external hast-util-sanitize --external highlight.js --external @principal-ade/panels --external react-resizable-panels && mv ./dist/index.js ./dist/index.mjs
build:typestsc --emitDeclarationOnly --declaration --declarationMap
cleanrm -rf dist coverage
copy:csscp node_modules/highlight.js/styles/atom-one-dark.css ./dist/index.css && cat node_modules/@principal-ade/panels/dist/index.css >> ./dist/index.css
devbun run build --watch
formatprettier --write .
format:checkprettier --check .
linteslint . --ext .ts,.tsx
lint:fixeslint . --ext .ts,.tsx --fix
preparehusky
storybookstorybook dev -p 6006
testbun test
test:watchbun test --watch
typechecktsc --noEmit

Dependencies15

@modelcontextprotocol/sdk^1.0.4
@principal-ade/markdown-utils^0.2.4
@types/d3-hierarchy^3.1.7
@types/flexsearch^0.7.6
@uiw/react-textarea-code-editor^3.1.1
d3-hierarchy^3.1.2
flexsearch^0.8.205
ignore^7.0.5
js-toml^1.0.2
mermaid^11.9.0
picomatch^4.0.3
pip-requirements-js^0.2.1
uuid^10.0.0
ws^8.16.0
yaml^2.8.1