Loading npm security reports…
Governance runtime for AI-generated code. Scan, gate, and trace compliance automatically.
Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Package defines install-time lifecycle scripts.
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
install.jsView on unpkg · L10Package defines install-time lifecycle scripts.
package.jsonView on unpkg · L41Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkg · L41Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
install.jsView on unpkg · L10