Loading npm security reports…
A no-build web component framework specification — scaffold, validate, and evolve spec-compliant projects
Static analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Package contains a critical-looking secret pattern.
templates/shared/.envView on unpkg · L6Package source references child process execution.
lib/spec-i18n-locales.jsView on unpkg · L6Package source invokes a package manager install command at runtime.
lib/spec-i18n-locales.jsView on unpkg · L6Package source references dynamic require/import behavior.
lib/check.jsView on unpkg · L27Package contains a critical-looking secret pattern.
templates/shared/.envView on unpkg · L6Package source references child process execution.
lib/spec-i18n-locales.jsView on unpkg · L6Package source invokes a package manager install command at runtime.
lib/spec-i18n-locales.jsView on unpkg · L6Package source references dynamic require/import behavior.
lib/check.jsView on unpkg · L27