Loading npm security reports…
A collection of web components for building web applications based off of @shoelace-style/Shoelace
Static analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Package contains a high-severity secret pattern.
docs/pages/components/reveal.mdView on unpkg · L326Stripe webhook signing secret in docs/pages/components/reveal.md
docs/pages/components/reveal.mdView on unpkg · L326Package source references a known benign dynamic code generation pattern.
dist/chunks/zn.4YKYUIHS.jsView on unpkg · L2Package source references dynamic require/import behavior.
dist/zn.min.jsView on unpkg · L38Package contains a high-severity secret pattern.
docs/pages/components/reveal.mdView on unpkg · L326Stripe webhook signing secret in docs/pages/components/reveal.md
docs/pages/components/reveal.mdView on unpkg · L326Package source references dynamic require/import behavior.
dist/zn.min.jsView on unpkg · L38Package source references a known benign dynamic code generation pattern.
dist/chunks/zn.4YKYUIHS.jsView on unpkg · L2