Loading npm security reports…
Link → clean text → summary.
No confirmed malicious attack surface. The package can install a user-level daemon and Chrome bridge only after an explicit CLI command, and its model requests are part of requested summarization.
Package source references weak cryptographic algorithms.
dist/esm/slides/source-id.jsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
dist/esm/daemon/systemd.jsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
completions/summarize.fishView on unpkgPackage source references weak cryptographic algorithms.
dist/esm/slides/source-id.jsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
dist/esm/daemon/systemd.jsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
completions/summarize.fishView on unpkg