brin
brin

@mapbox/node-pre-gyp

npm

Is @mapbox/node-pre-gyp safe to use?

The latest brin safety scan flagged @mapbox/node-pre-gyp v2.0.3 with risk indicators that warrant review. No known CVE vulnerabilities. Trust score: 85/100. Review the findings below before use. This is an automated assessment and may contain errors.

Install (safety-checked)

@mapbox/node-pre-gyp Has Warnings

Warnings detected due to potential concerns

warning
CVEs

0

Threats

0

Install Scripts

0

Risk Indicators

  • Can spawn child processes

brin Recommendations

  • This package has warnings detected. Evaluate the specific concerns before proceeding.

Install with brin add @mapbox/node-pre-gyp to automatically apply these checks before installation.

This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.

@mapbox/node-pre-gyp Capabilities & Permissions

What @mapbox/node-pre-gyp can access when installed. Review these capabilities before using with AI agents like Cursor, Claude Code, or Codex.

Network Access

This package makes network requests.

bucket-name.s3-Region.amazonaws.combucket-name.s3.Region.amazonaws.comgithub.comregistry.npmmirror.com
Protocols: https

Filesystem Access

Reads and writes to the filesystem.

.env (r)node_modules (r).env (r).env (w).env (w)package.json (w).env (rw)package.json (rw)+3 more

Process Spawning

This package can spawn child processes.

Environment Variables

Accesses the following environment variables.

AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEYHTTP_PROXYNODE_PRE_GYP_ABI_CROSSWALKhttp_proxynode_pre_gyp_mock_s3node_pre_gyp_s3_hostnpm_config_npm_config_argvnpm_config_node_gyp+2 more

AGENTS.md for @mapbox/node-pre-gyp

Good instructions lead to good results. brin adds @mapbox/node-pre-gyp documentation to your AGENTS.md so your agent knows how to use it properly—improving both safety and performance.

brin init

Vercel's research: 100% accuracy with AGENTS.md vs 53% without →

@mapbox/node-pre-gyp Documentation & Source Code

For the full @mapbox/node-pre-gyp README, API documentation, and source code, visit the official package registry.

View on npmView SourceHomepage

Frequently asked questions about @mapbox/node-pre-gyp safety

Weekly Downloads

9.6M

Version

2.0.3

License

BSD-3-Clause

Last Scanned

Feb 1, 2026

Trust Score

85/100·Legitimacy signals, not safety

Capabilities

Network

Connects to: bucket-name.s3-Region.amazonaws.com, bucket-name.s3.Region.amazonaws.com, github.com...

Filesystem

Reads & Writes files

Process

Spawns child processes

Environment

Accesses: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, HTTP_PROXY...

Is @mapbox/node-pre-gyp Safe? | npm Safety Scan - brin