Loading npm security reports…
Link → clean text → summary.
Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Package source references weak cryptographic algorithms.
dist/esm/slides/source-id.jsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
dist/esm/daemon/systemd.jsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
completions/summarize.fishView on unpkgPackage source references weak cryptographic algorithms.
dist/esm/slides/source-id.jsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
dist/esm/daemon/systemd.jsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
completions/summarize.fishView on unpkg