Package Under Review
This package is under review. Identity is withheld until findings are confirmed. This is an automated assessment and findings are risk indicators, not confirmed threats.
pkg-YXR0cmFjZS1i...
npmwarnings detectedSecurity Scan Results
Warnings detected due to potential concerns
0
3
1
Confirmed Threats (3)
Location: package.json:11
"postinstall": "ENV=betanet /bin/bash scripts/fetch-libs.sh"Location: scripts/fetch-libs-linux.sh:3
curl $(curl https://s3.eu-central-1.amazonaws.com/attrace-builds/core/$ENV/latest/attrjsonclient.linux-x64.txt)Location: scripts/fetch-libs-darwin.sh:3
curl $(curl https://s3.eu-central-1.amazonaws.com/attrace-builds/core/$ENV/latest/attrjsonclient.darwin.txt)Install Scripts Detected
This package runs scripts during installation. Review these scripts before installing.
brin Recommendations
- →This package has warnings detected. Evaluate the specific concerns before proceeding.
- →3 verified threat patterns detected. Review the specific findings and consider alternatives.
- →Install scripts detected. When using with AI agents, consider running in a sandboxed environment.
This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.
Identity withheld
Pending verification process
Download Range
Last Scanned
Trust Score
Install Scripts
This package has install scripts that run automatically:
postinstall
Capabilities
Spawns child processes
Accesses: NODE_TLS_REJECT_UNAUTHORIZED