Loading npm security reports…
Toolforge domain: generate images, videos, and visuals for podcasts and content
Static analysis flagged 11 finding(s) at 97.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Package defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
lib/overlay.jsView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkg · L11Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkg · L11Source file is highly similar to a previously finalized malicious package; route for source-aware review.
lib/overlay.jsView on unpkg