Loading npm security reports…
A no-build web component framework specification — scaffold, validate, and evolve spec-compliant projects
Static analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Package contains a critical-looking secret pattern.
templates/shared/.envView on unpkg · L6Package source references child process execution.
lib/spec-i18n-locales.jsView on unpkg · L6Package source references dynamic require/import behavior.
lib/check.jsView on unpkg · L29Package source invokes a package manager install command at runtime.
templates/shared/scripts/test.jsView on unpkg · L46Package contains a critical-looking secret pattern.
templates/shared/.envView on unpkg · L6Package source references child process execution.
lib/spec-i18n-locales.jsView on unpkg · L6Package source references dynamic require/import behavior.
lib/check.jsView on unpkg · L29Package source invokes a package manager install command at runtime.
templates/shared/scripts/test.jsView on unpkg · L46