Loading npm security reports…
CLI for the AirStrings remote string management platform
Postinstall downloads a platform-specific AirStrings binary, verifies its SHA-256 against the release manifest, and extracts it to package-local `vendor/`. CLI entrypoints then run that local binary with user-supplied arguments. No confirmed malicious source-level attack surface is established.
Package defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkg · L29Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkg · L29