@ls-stack/agent-eval
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-CmY0_D5Z.js | AI (source-diff): Standard Vite/React minified bundle; obfuscation flag is a false positive for bundled web UI assets. | ai | |
| source-diff | net-exec-file:dist/cli-DrPk66xh.mjs | AI (source-diff): CLI tool legitimately uses spawn + network for eval orchestration; not dropper behavior. | ai | |
| source-diff | net-exec-file:dist/cli-C4yumCXE.mjs | AI (source-diff): CLI tool legitimately uses spawn/spawnSync and fs/crypto; consistent with eval-runner orchestration purpose. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-B31SV_Bq.mjs | AI (source-diff): tsdown-bundled ESM output with readable source comments; not obfuscated, just minified long lines. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BOSo9TXL.js | AI (source-diff): Standard Vite-minified React bundle for embedded web UI; expected build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-CvJmtK1T.js | AI (source-diff): Standard Vite/React minified bundle; React JSX runtime clearly visible in sample. | ai | |
| source-diff | net-exec-file:dist/cli-DQK5W0je.mjs | AI (source-diff): CLI tool legitimately uses spawn for child process execution and network for local hono server; matches package purpose. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CW_Fzr2c.mjs | AI (source-diff): Minified bundle output from tsdown; long lines are normal for bundled ESM. | ai | |
| source-diff | net-exec-file:dist/cli-T6FYE2Bk.mjs | AI (source-diff): spawn/spawnSync usage is expected for a CLI eval runner; not dropper malware. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BxcwUS7V.js | AI (source-diff): Vite-bundled React web UI; minification is expected for this package's embedded web app. | ai | |
| source-diff | net-exec-file:dist/cli-CMiCEQ-3.mjs | AI (source-diff): CLI orchestration code using spawn/chokidar/glob; pattern is stable for this eval-runner package. | ai | |
| source-diff | net-exec-file:dist/cli-C-n-Fd4o.mjs | AI (source-diff): Readable bundled CLI source using spawn/chokidar for eval runner; no dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-J1yKYGfN.js | AI (source-diff): Standard Vite/React minified bundle; package.json tsdown config explicitly copies web app dist into package. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-C4v6dWcv.js | AI (source-diff): Vite React bundle; fetch + dynamic code patterns are normal browser app behavior, not malware. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CTzVNrDP.mjs | AI (source-diff): Bundled orchestration module with readable source comments and standard imports; long lines from bundling, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-Sg8UdOnm.mjs | AI (source-diff): CLI bundle with legitimate Node.js imports (spawn, fs, crypto); network+exec pattern is expected for an agent eval runner. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-C4v6dWcv.js | AI (source-diff): Standard Vite-bundled React app output; minification is expected for web UI assets in this package. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BNQnbfi0.js | AI (source-diff): Browser bundle with fetch for modulepreload; not a dropper. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BNQnbfi0.js | AI (source-diff): Vite-bundled React web UI; minification is expected for this asset. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BV_DM8fZ.js | AI (source-diff): Browser bundle with fetch for modulepreload; not a dropper. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-ZpN7xty_.mjs | AI (source-diff): Bundled orchestration module with readable source comments; long lines from bundling, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-huuJbDNb.mjs | AI (source-diff): Readable compiled CLI code using Node built-ins; no malicious network+exec pattern. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BV_DM8fZ.js | AI (source-diff): Vite-bundled React web UI; minification is expected for this asset. | ai | |
| source-diff | net-exec-file:dist/cli-DolSsprq.mjs | AI (source-diff): CLI tool legitimately uses spawn for child process management; network+exec pattern is expected for an eval runner. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-DJf7Af49.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated. Pattern is stable for this package. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-CPcVyFRP.js | AI (source-diff): Browser-side React app bundle; fetch calls are modulepreload polyfill, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CAyVXPFz.mjs | AI (source-diff): Readable TypeScript-compiled orchestration module; long lines from bundling, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-CMPmuY7W.mjs | AI (source-diff): Readable compiled CLI code with normal Node.js imports; network+exec pattern is legitimate eval orchestration. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-CPcVyFRP.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated, React runtime clearly visible in sample. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-DEikHy2a.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for the bundled web UI. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CO3Vf0cQ.mjs | AI (source-diff): Bundled orchestration module; long lines from bundling, not obfuscation — readable source visible in sample. | ai | |
| source-diff | net-exec-file:dist/cli-CiFOqMwS.mjs | AI (source-diff): CLI bundle using Node built-ins (spawn, fetch); readable code with no exfiltration indicators. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-DEikHy2a.js | AI (source-diff): Browser bundle with fetch/modulepreload; network+exec pattern is normal for a React SPA. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-am2Knit6.js | AI (source-diff): Minified React web app bundle; fetch calls are browser UI, not dropper behavior. | ai | |
| source-diff | net-exec-file:dist/cli-vdJYkEVk.mjs | AI (source-diff): CLI bundle using node:fs, node:crypto, spawn — legitimate CLI tooling, not dropper. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-am2Knit6.js | AI (source-diff): Standard Vite-minified React bundle; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-DS552a3u.js | AI (source-diff): Vite-bundled React web UI; minified but clearly legitimate React/JSX code in sample. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-BBg_VUH5.mjs | AI (source-diff): Rollup-bundled Node.js orchestration code; readable source with comments, not obfuscated. | ai | |
| source-diff | net-exec-file:dist/cli-3zANEAhG.mjs | AI (source-diff): CLI tool using spawn/spawnSync for subprocess management; expected pattern for an eval-runner CLI. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-9hO8NpgZ.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated. Package explicitly copies web app dist in build config. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-BDyNrRQT.mjs | AI (source-diff): Readable bundled ESM output from tsdown; long lines are bundled source, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-BmrtjQj_.mjs | AI (source-diff): CLI tool using Node.js spawn/fs APIs for eval orchestration; no dropper behavior visible in sample. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CIARrLs6.mjs | AI (source-diff): Bundled orchestration module with readable source; long lines from bundler output, not intentional obfuscation. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BCr6J8Uj.js | AI (source-diff): Browser-side React bundle; fetch + dynamic patterns are normal React/Vite output, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BCr6J8Uj.js | AI (source-diff): Standard Vite/React production bundle; minified output is expected for this web UI asset. | ai | |
| source-diff | net-exec-file:dist/cli-CIc_gBNM.mjs | AI (source-diff): CLI bundle imports Node stdlib and project modules; network + spawn usage is expected for an agent-eval CLI tool. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BYtcGddU.js | AI (source-diff): Browser bundle with fetch for modulepreload; no dropper pattern, normal SPA behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BYtcGddU.js | AI (source-diff): Standard Vite-bundled React web UI; minified but not obfuscated, stable build artifact. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-V1TxX8es.mjs | AI (source-diff): Readable commented TypeScript-compiled orchestration module; long lines from bundling, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-Dg3abrOv.mjs | AI (source-diff): Readable CLI module using node:child_process for spawning eval runners; legitimate tool behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-5CB9eJZy.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for a bundled web UI asset. | ai | |
| source-diff | net-exec-file:dist/cli-Bk5g-bat.mjs | AI (source-diff): Readable CLI bundle with named imports; network+exec pattern is legitimate for an eval orchestration CLI. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-5CB9eJZy.js | AI (source-diff): Browser-side React bundle; fetch calls are normal browser networking, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-DR2haqvV.js | AI (source-diff): Vite-bundled React web UI; minified but not obfuscated, readable code in sample. Expected artifact for this package. | ai | |
| source-diff | net-exec-file:dist/cli-DRkwWgTj.mjs | AI (source-diff): CLI entry point using node:child_process (spawn) for running eval subprocesses; legitimate use for an agent eval framework CLI tool. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-DB0dwGrd.mjs | AI (source-diff): Rollup-bundled Node.js orchestration code; long lines from bundling, not obfuscation. Readable source with comments in sample. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-DrgpaDaf.mjs | AI (source-diff): Rollup-bundled ESM output with readable source comments; minification is standard build output. | ai | |
| source-diff | net-exec-file:dist/cli-BEPaYHmX.mjs | AI (source-diff): CLI tool legitimately uses spawn/chokidar/glob for eval orchestration; no dropper pattern in sample. | ai | |
| source-diff | net-exec-file:dist/cli-B-sCTyz8.mjs | AI (source-diff): CLI tool that spawns child processes and uses network; fully readable source, consistent with agent-eval CLI functionality. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-B3fYtpKo.mjs | AI (source-diff): Bundled orchestration code with readable source comments; minification is expected build output. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-Cx2CvM6a.js | AI (source-diff): Vite-bundled React web UI; minification is expected for this package's built-in web interface. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/blade-D4QpJJKB.js | AI (source-diff): Minified shiki grammar JSON; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/apache-Pmp26Uib.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | source-size-tripled | AI (source-diff): Size increase explained by bundled web app with shiki syntax highlighting assets. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Web UI with shiki editor bundled; large file count is expected. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/blade-D4QpJJKB.js | AI (source-diff): Bundled web app asset (shiki grammar); network+exec pattern is a false positive in this context. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/apex-D8_7TLub.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/angular-html-CU67Zn6k.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/andromeeda-C4gqWexZ.js | AI (source-diff): Minified shiki theme JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/ada-bCR0ucgS.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/actionscript-3-CoDkCxhg.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/abap-BdImnpbu.js | AI (source-diff): Minified shiki/TextMate grammar JSON; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/angular-ts-BwZT4LLn.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-Drw0IpOd.js | AI (source-diff): Standard Vite/React minified bundle for the package's embedded web UI; not malicious obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-lOZdhO2D.mjs | AI (source-diff): CLI tool using spawn for child process management; network+exec pattern is expected for an eval runner CLI. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-H0pSUl3I.mjs | AI (source-diff): Bundled/minified orchestration module; sample shows readable source-mapped code, not obfuscation. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Internal scoped package (@ls-stack); missing metadata is expected for private tooling, not a spam/malware indicator. | ai | |
| phantom-deps | phantom-dep:vitest | AI (phantom-deps): vitest is listed as a runtime dep and used in test config; phantom-dep heuristic is a false positive here. | ai |
Versions (showing 31 of 31)
| Version | Deps | Published |
|---|---|---|
| 0.52.2 | 11 / 5 | |
| 0.51.0 | 11 / 5 | |
| 0.50.0 | 11 / 5 | |
| 0.47.0 | 11 / 5 | |
| 0.46.0 | 11 / 5 | |
| 0.45.0 | 11 / 5 | |
| 0.42.0 | 11 / 5 | |
| 0.40.0 | 11 / 5 | |
| 0.36.0 | 10 / 5 | |
| 0.33.0 | 10 / 5 | |
| 0.32.0 | 10 / 5 | |
| 0.31.0 | 10 / 5 | |
| 0.30.0 | 10 / 5 | |
| 0.29.0 | 10 / 5 | |
| 0.27.0 | 10 / 5 | |
| 0.26.3 | 10 / 5 | |
| 0.26.1 | 10 / 5 | |
| 0.19.0 | 10 / 5 | |
| 0.18.0 | 10 / 5 | |
| 0.16.0 | 10 / 5 | |
| 0.15.0 | 10 / 5 | |
| 0.14.0 | 10 / 5 | |
| 0.13.0 | 10 / 5 | |
| 0.12.2 | 10 / 5 | |
| 0.12.1 | 10 / 5 | |
| 0.12.0 | 10 / 5 | |
| 0.9.0 | 10 / 5 | |
| 0.8.0 | 10 / 5 | |
| 0.6.0 | 10 / 5 | |
| 0.3.0 | 10 / 5 | |
| 0.2.0 | 10 / 5 |
v0.52.2
49 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.51.0
49 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.50.0
49 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.47.0
39 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.46.0
39 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.45.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.42.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.40.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.36.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.33.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.32.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.31.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.30.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.29.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.27.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.26.3
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.26.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.19.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.18.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.0
2 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.2
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.9.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.8.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.6.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.3.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.