@ls-stack/agent-eval
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-ol64metU.js | AI (source-diff): Vite-bundled React web UI; minified output is expected for this package's embedded web app. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CYhn4DJ0.mjs | AI (source-diff): Bundled ESM with long lines from minification; readable code with comments, no obfuscation indicators. | ai | |
| source-diff | net-exec-file:dist/cli-CG66f0GN.mjs | AI (source-diff): CLI bundle uses Node built-ins (spawn, fetch) for legitimate eval orchestration; readable source with comments. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-ol64metU.js | AI (source-diff): Frontend bundle uses fetch for modulepreload; no malicious network+exec pattern present. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-B3KnzmWT.js | AI (source-diff): Network+exec pattern is from Vite's dynamic import/lazy-loading in the bundled web UI, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-B3KnzmWT.js | AI (source-diff): Vite-bundled web app asset with __vite__mapDeps; minification is expected for this package's embedded web UI. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BIEuCK_8.js | AI (source-diff): Standard Vite SPA bundle; network+dynamic-import pattern is normal for lazy-loaded frontend code. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BIEuCK_8.js | AI (source-diff): Vite-bundled frontend asset with syntax highlighter chunks; minification is expected for this web UI dist. | ai | |
| source-diff | net-exec-file:dist/cli-Dkp2-rBm.mjs | AI (source-diff): CLI bundle imports chokidar/glob/child_process for legitimate eval orchestration; no exfiltration indicators. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-ibhQ_P7i.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for a bundled web app asset. | ai | |
| source-diff | net-exec-file:dist/cli-B0QmsWCU.mjs | AI (source-diff): Readable CLI tool for agent eval runner; network+exec usage is legitimate for a test/eval framework CLI. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-Cv1kiOAG.mjs | AI (source-diff): tsdown-bundled Node module with readable source region comments; minification is expected build output. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-Cba4MFa0.js | AI (source-diff): Standard Vite-bundled React frontend asset; minification is expected for web dist output. | ai | |
| source-diff | net-exec-file:dist/cli-weogme5U.mjs | AI (source-diff): Network calls are LLM API calls; code execution is git/child-process orchestration for eval runner — legitimate tool behavior. | ai | |
| source-diff | net-exec-file:dist/cli-C5FL7C4G.mjs | AI (source-diff): Readable CLI runner that spawns test processes and serves a web UI; network+exec is core to the tool's purpose. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-CBvHVkE7.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for this web app asset. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-CFF1eYUm.js | AI (source-diff): Standard Vite/React production bundle; minified output is expected for this web UI asset. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-3bLi3uQJ.js | AI (source-diff): Standard Vite-bundled React app output; package.json explicitly copies web/dist into dist/web via tsdown. | ai | |
| source-diff | net-exec-file:dist/cli-CmNNm6d0.mjs | AI (source-diff): CLI tool legitimately uses spawn/spawnSync for subprocess management; no exfiltration or dropper pattern present. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-FEvBwwJI.mjs | AI (source-diff): Minified but readable ESM bundle with clear source-region comments; legitimate orchestration code. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-6YqV9t4k.js | AI (source-diff): Standard Vite-minified React bundle copied from web app build; expected for this package's tsdown config. | ai | |
| source-diff | net-exec-file:dist/cli-Clf8xUFa.mjs | AI (source-diff): CLI tool using spawn/spawnSync for subprocess management and chokidar for file watching; no dropper behavior. | ai | |
| source-diff | net-exec-file:dist/cli-Be0x8CS3.mjs | AI (source-diff): CLI tool using spawnSync('git') and Node fs/path built-ins; no dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-KbbX3NYr.js | AI (source-diff): Standard Vite/React minified bundle; readable JSX/module patterns visible in sample. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-D697g6Qe.mjs | AI (source-diff): Rollup-bundled ESM with readable source comments and standard Node imports; not obfuscated. | ai | |
| source-diff | net-exec-file:dist/cli-BEtk5skO.mjs | AI (source-diff): Bundled CLI using node:child_process (spawn) and node:fs — standard tooling pattern, no suspicious remote execution. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-Bx1VZctJ.js | AI (source-diff): Vite frontend bundle with lazy-loaded language assets; network+exec pattern is normal for SPA chunk loading. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-Bx1VZctJ.js | AI (source-diff): Standard Vite-bundled frontend asset; minification is expected for this web app dist output. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-C4o5TcIu.mjs | AI (source-diff): Readable TypeScript-compiled ESM with comments; long lines from bundling, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-CwGcJYWe.mjs | AI (source-diff): Readable CLI ESM bundle using standard Node.js APIs; network+exec pattern is legitimate CLI orchestration. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BiwYbMem.js | AI (source-diff): Browser bundle with fetch for modulepreload; no malicious payload. Stable for this package. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BiwYbMem.js | AI (source-diff): Vite-bundled React web UI; minified but not obfuscated. Stable pattern for this package. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BJX1ESNi.js | AI (source-diff): Network calls and dynamic code in this file are normal browser-side React app patterns (fetch, dynamic imports), not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BJX1ESNi.js | AI (source-diff): Standard Vite/React minified frontend bundle produced by the documented build script; not obfuscated malware. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-dAgwnqH2.js | AI (source-diff): Network+exec pattern is from Vite's dynamic import/lazy-loading mechanism in a bundled web UI, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-dAgwnqH2.js | AI (source-diff): Vite-bundled web app asset with __vite__mapDeps; standard minified frontend output, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-_g2qOMK6.mjs | AI (source-diff): CLI bundle with readable imports and standard Node APIs (spawn, fs); no obfuscation or suspicious payloads. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-Cz9p4l-t.js | AI (source-diff): Same Vite bundle; network+eval pattern is standard browser SPA code, not dropper malware. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-Cz9p4l-t.js | AI (source-diff): Vite-bundled frontend asset with __vite__mapDeps; minification is expected for this package's embedded web UI. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-RNejIyap.js | AI (source-diff): Vite SPA bundle; network calls and dynamic imports are normal browser app patterns, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-RNejIyap.js | AI (source-diff): Standard Vite-bundled frontend asset with __vite__mapDeps; minification is expected for this package's embedded web UI. | ai | |
| source-diff | net-exec-file:dist/cli-3FrKBc9l.mjs | AI (source-diff): CLI entry point using node:child_process (spawn) and node:fs for legitimate eval orchestration; consistent with package purpose. | ai | |
| source-diff | net-exec-file:dist/cli-CULTt3Xp.mjs | AI (source-diff): Agent eval CLI legitimately uses spawn/network calls to run test orchestration; consistent with package purpose. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-D2okEB3I.mjs | AI (source-diff): tsdown-bundled orchestration module; long lines from bundling, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-C5IRkeUz.js | AI (source-diff): Vite-bundled React frontend asset; minification is expected for this package's web UI component. | ai | |
| source-diff | net-exec-file:dist/cli-BQwRbqsL.mjs | AI (source-diff): CLI tool using spawn/spawnSync for eval subprocess management; network+exec pattern is expected for this tool's purpose. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-Czer_MdN.js | AI (source-diff): Standard Vite/React minified web UI bundle; expected artifact for a package that ships a web frontend. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-ClWYWPen.mjs | AI (source-diff): Bundled orchestration logic with readable imports and comments; minified but not obfuscated malware. | ai | |
| source-diff | net-exec-file:dist/cli-DrPk66xh.mjs | AI (source-diff): CLI tool legitimately uses spawn + network for eval orchestration; not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-CmY0_D5Z.js | AI (source-diff): Standard Vite/React minified bundle; obfuscation flag is a false positive for bundled web UI assets. | ai | |
| source-diff | net-exec-file:dist/cli-C4yumCXE.mjs | AI (source-diff): CLI tool legitimately uses spawn/spawnSync and fs/crypto; consistent with eval-runner orchestration purpose. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BOSo9TXL.js | AI (source-diff): Standard Vite-minified React bundle for embedded web UI; expected build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-B31SV_Bq.mjs | AI (source-diff): tsdown-bundled ESM output with readable source comments; not obfuscated, just minified long lines. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-CvJmtK1T.js | AI (source-diff): Standard Vite/React minified bundle; React JSX runtime clearly visible in sample. | ai | |
| source-diff | net-exec-file:dist/cli-DQK5W0je.mjs | AI (source-diff): CLI tool legitimately uses spawn for child process execution and network for local hono server; matches package purpose. | ai | |
| source-diff | net-exec-file:dist/cli-T6FYE2Bk.mjs | AI (source-diff): spawn/spawnSync usage is expected for a CLI eval runner; not dropper malware. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CW_Fzr2c.mjs | AI (source-diff): Minified bundle output from tsdown; long lines are normal for bundled ESM. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BxcwUS7V.js | AI (source-diff): Vite-bundled React web UI; minification is expected for this package's embedded web app. | ai | |
| source-diff | net-exec-file:dist/cli-CMiCEQ-3.mjs | AI (source-diff): CLI orchestration code using spawn/chokidar/glob; pattern is stable for this eval-runner package. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-J1yKYGfN.js | AI (source-diff): Standard Vite/React minified bundle; package.json tsdown config explicitly copies web app dist into package. | ai | |
| source-diff | net-exec-file:dist/cli-C-n-Fd4o.mjs | AI (source-diff): Readable bundled CLI source using spawn/chokidar for eval runner; no dropper behavior. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-C4v6dWcv.js | AI (source-diff): Vite React bundle; fetch + dynamic code patterns are normal browser app behavior, not malware. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-C4v6dWcv.js | AI (source-diff): Standard Vite-bundled React app output; minification is expected for web UI assets in this package. | ai | |
| source-diff | net-exec-file:dist/cli-Sg8UdOnm.mjs | AI (source-diff): CLI bundle with legitimate Node.js imports (spawn, fs, crypto); network+exec pattern is expected for an agent eval runner. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CTzVNrDP.mjs | AI (source-diff): Bundled orchestration module with readable source comments and standard imports; long lines from bundling, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BNQnbfi0.js | AI (source-diff): Vite-bundled React web UI; minification is expected for this asset. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BNQnbfi0.js | AI (source-diff): Browser bundle with fetch for modulepreload; not a dropper. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BV_DM8fZ.js | AI (source-diff): Vite-bundled React web UI; minification is expected for this asset. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BV_DM8fZ.js | AI (source-diff): Browser bundle with fetch for modulepreload; not a dropper. | ai | |
| source-diff | net-exec-file:dist/cli-huuJbDNb.mjs | AI (source-diff): Readable compiled CLI code using Node built-ins; no malicious network+exec pattern. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-ZpN7xty_.mjs | AI (source-diff): Bundled orchestration module with readable source comments; long lines from bundling, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-DJf7Af49.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated. Pattern is stable for this package. | ai | |
| source-diff | net-exec-file:dist/cli-DolSsprq.mjs | AI (source-diff): CLI tool legitimately uses spawn for child process management; network+exec pattern is expected for an eval runner. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CAyVXPFz.mjs | AI (source-diff): Readable TypeScript-compiled orchestration module; long lines from bundling, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-CMPmuY7W.mjs | AI (source-diff): Readable compiled CLI code with normal Node.js imports; network+exec pattern is legitimate eval orchestration. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-CPcVyFRP.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated, React runtime clearly visible in sample. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-CPcVyFRP.js | AI (source-diff): Browser-side React app bundle; fetch calls are modulepreload polyfill, not dropper behavior. | ai | |
| source-diff | net-exec-file:dist/cli-CiFOqMwS.mjs | AI (source-diff): CLI bundle using Node built-ins (spawn, fetch); readable code with no exfiltration indicators. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-DEikHy2a.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for the bundled web UI. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-DEikHy2a.js | AI (source-diff): Browser bundle with fetch/modulepreload; network+exec pattern is normal for a React SPA. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CO3Vf0cQ.mjs | AI (source-diff): Bundled orchestration module; long lines from bundling, not obfuscation — readable source visible in sample. | ai | |
| source-diff | net-exec-file:dist/cli-vdJYkEVk.mjs | AI (source-diff): CLI bundle using node:fs, node:crypto, spawn — legitimate CLI tooling, not dropper. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-am2Knit6.js | AI (source-diff): Minified React web app bundle; fetch calls are browser UI, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-am2Knit6.js | AI (source-diff): Standard Vite-minified React bundle; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-DS552a3u.js | AI (source-diff): Vite-bundled React web UI; minified but clearly legitimate React/JSX code in sample. | ai | |
| source-diff | net-exec-file:dist/cli-3zANEAhG.mjs | AI (source-diff): CLI tool using spawn/spawnSync for subprocess management; expected pattern for an eval-runner CLI. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-BBg_VUH5.mjs | AI (source-diff): Rollup-bundled Node.js orchestration code; readable source with comments, not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-9hO8NpgZ.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated. Package explicitly copies web app dist in build config. | ai | |
| source-diff | net-exec-file:dist/cli-BmrtjQj_.mjs | AI (source-diff): CLI tool using Node.js spawn/fs APIs for eval orchestration; no dropper behavior visible in sample. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-BDyNrRQT.mjs | AI (source-diff): Readable bundled ESM output from tsdown; long lines are bundled source, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BCr6J8Uj.js | AI (source-diff): Browser-side React bundle; fetch + dynamic patterns are normal React/Vite output, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BCr6J8Uj.js | AI (source-diff): Standard Vite/React production bundle; minified output is expected for this web UI asset. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-CIARrLs6.mjs | AI (source-diff): Bundled orchestration module with readable source; long lines from bundler output, not intentional obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-CIc_gBNM.mjs | AI (source-diff): CLI bundle imports Node stdlib and project modules; network + spawn usage is expected for an agent-eval CLI tool. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-BYtcGddU.js | AI (source-diff): Standard Vite-bundled React web UI; minified but not obfuscated, stable build artifact. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-V1TxX8es.mjs | AI (source-diff): Readable commented TypeScript-compiled orchestration module; long lines from bundling, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-Dg3abrOv.mjs | AI (source-diff): Readable CLI module using node:child_process for spawning eval runners; legitimate tool behavior. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-BYtcGddU.js | AI (source-diff): Browser bundle with fetch for modulepreload; no dropper pattern, normal SPA behavior. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-5CB9eJZy.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for a bundled web UI asset. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/index-5CB9eJZy.js | AI (source-diff): Browser-side React bundle; fetch calls are normal browser networking, not dropper behavior. | ai | |
| source-diff | net-exec-file:dist/cli-Bk5g-bat.mjs | AI (source-diff): Readable CLI bundle with named imports; network+exec pattern is legitimate for an eval orchestration CLI. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-DR2haqvV.js | AI (source-diff): Vite-bundled React web UI; minified but not obfuscated, readable code in sample. Expected artifact for this package. | ai | |
| source-diff | net-exec-file:dist/cli-DRkwWgTj.mjs | AI (source-diff): CLI entry point using node:child_process (spawn) for running eval subprocesses; legitimate use for an agent eval framework CLI tool. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-DB0dwGrd.mjs | AI (source-diff): Rollup-bundled Node.js orchestration code; long lines from bundling, not obfuscation. Readable source with comments in sample. | ai | |
| source-diff | net-exec-file:dist/cli-BEPaYHmX.mjs | AI (source-diff): CLI tool legitimately uses spawn/chokidar/glob for eval orchestration; no dropper pattern in sample. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-DrgpaDaf.mjs | AI (source-diff): Rollup-bundled ESM output with readable source comments; minification is standard build output. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-Cx2CvM6a.js | AI (source-diff): Vite-bundled React web UI; minification is expected for this package's built-in web interface. | ai | |
| source-diff | net-exec-file:dist/cli-B-sCTyz8.mjs | AI (source-diff): CLI tool that spawns child processes and uses network; fully readable source, consistent with agent-eval CLI functionality. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-B3fYtpKo.mjs | AI (source-diff): Bundled orchestration code with readable source comments; minification is expected build output. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/blade-D4QpJJKB.js | AI (source-diff): Minified shiki grammar JSON; not obfuscated malware. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Web UI with shiki editor bundled; large file count is expected. | ai | |
| source-diff | source-size-tripled | AI (source-diff): Size increase explained by bundled web app with shiki syntax highlighting assets. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/angular-html-CU67Zn6k.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/andromeeda-C4gqWexZ.js | AI (source-diff): Minified shiki theme JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/ada-bCR0ucgS.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/actionscript-3-CoDkCxhg.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/abap-BdImnpbu.js | AI (source-diff): Minified shiki/TextMate grammar JSON; not malicious obfuscation. | ai | |
| source-diff | net-exec-file:dist/apps/web/dist/assets/blade-D4QpJJKB.js | AI (source-diff): Bundled web app asset (shiki grammar); network+exec pattern is a false positive in this context. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/apex-D8_7TLub.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/apache-Pmp26Uib.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/angular-ts-BwZT4LLn.js | AI (source-diff): Minified shiki grammar JSON bundle. | ai | |
| source-diff | obfuscated-file:dist/runOrchestration-H0pSUl3I.mjs | AI (source-diff): Bundled/minified orchestration module; sample shows readable source-mapped code, not obfuscation. | ai | |
| source-diff | net-exec-file:dist/cli-lOZdhO2D.mjs | AI (source-diff): CLI tool using spawn for child process management; network+exec pattern is expected for an eval runner CLI. | ai | |
| source-diff | obfuscated-file:dist/apps/web/dist/assets/index-Drw0IpOd.js | AI (source-diff): Standard Vite/React minified bundle for the package's embedded web UI; not malicious obfuscation. | ai | |
| phantom-deps | phantom-dep:vitest | AI (phantom-deps): vitest is listed as a runtime dep and used in test config; phantom-dep heuristic is a false positive here. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Internal scoped package (@ls-stack); missing metadata is expected for private tooling, not a spam/malware indicator. | ai |
Versions (showing 49 of 49)
| Version | Deps | Published |
|---|---|---|
| 0.59.1 | 11 / 5 | |
| 0.58.1 | 11 / 5 | |
| 0.54.0 | 11 / 5 | |
| 0.53.0 | 11 / 5 | |
| 0.52.2 | 11 / 5 | |
| 0.52.1 | 11 / 5 | |
| 0.52.0 | 11 / 5 | |
| 0.51.0 | 11 / 5 | |
| 0.50.0 | 11 / 5 | |
| 0.47.0 | 11 / 5 | |
| 0.46.0 | 11 / 5 | |
| 0.45.2 | 11 / 5 | |
| 0.45.0 | 11 / 5 | |
| 0.42.0 | 11 / 5 | |
| 0.40.0 | 11 / 5 | |
| 0.37.0 | 10 / 5 | |
| 0.36.0 | 10 / 5 | |
| 0.34.0 | 10 / 5 | |
| 0.33.0 | 10 / 5 | |
| 0.32.0 | 10 / 5 | |
| 0.31.0 | 10 / 5 | |
| 0.30.0 | 10 / 5 | |
| 0.29.0 | 10 / 5 | |
| 0.28.0 | 10 / 5 | |
| 0.27.1 | 10 / 5 | |
| 0.27.0 | 10 / 5 | |
| 0.26.3 | 10 / 5 | |
| 0.26.2 | 10 / 5 | |
| 0.26.1 | 10 / 5 | |
| 0.26.0 | 10 / 5 | |
| 0.24.0 | 10 / 5 | |
| 0.20.0 | 10 / 5 | |
| 0.19.0 | 10 / 5 | |
| 0.18.0 | 10 / 5 | |
| 0.17.0 | 10 / 5 | |
| 0.16.0 | 10 / 5 | |
| 0.15.0 | 10 / 5 | |
| 0.14.0 | 10 / 5 | |
| 0.13.0 | 10 / 5 | |
| 0.12.2 | 10 / 5 | |
| 0.12.1 | 10 / 5 | |
| 0.12.0 | 10 / 5 | |
| 0.9.0 | 10 / 5 | |
| 0.8.0 | 10 / 5 | |
| 0.6.0 | 10 / 5 | |
| 0.5.0 | 10 / 5 | |
| 0.4.0 | 10 / 5 | |
| 0.3.0 | 10 / 5 | |
| 0.2.0 | 10 / 5 |
v0.59.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.58.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.54.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.53.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.52.2
49 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.52.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.52.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.51.0
49 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.50.0
49 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.47.0
39 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.46.0
39 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.45.2
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.45.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.42.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.40.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.37.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.36.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.34.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.33.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.32.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.31.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.30.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.29.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.28.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.27.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.27.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.26.3
3 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.26.2
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.26.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.26.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.24.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.20.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.19.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.18.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.0
2 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.2
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.12.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.9.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.8.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.6.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.5.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.4.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.3.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.