pm2
npmIs pm2 safe to use?
The latest brin safety scan flagged pm2 v6.0.14 with risk indicators that warrant review. 1 known CVE vulnerability. Trust score: 65/100. Review the findings below before use. This is an automated assessment and may contain errors.
Install (safety-checked)
pm2 Has Warnings
Warnings detected due to potential concerns
1
0
0
Risk Indicators
- •GHSA-x5gf-qvw8-r2rm: UNKNOWN
- •Can spawn child processes
pm2 CVE Vulnerabilities (1)
pm2 Regular Expression Denial of Service vulnerability
brin Recommendations
- →This package has warnings detected. Evaluate the specific concerns before proceeding.
Install with brin add pm2 to automatically apply these checks before installation.
This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.
pm2 Capabilities & Permissions
What pm2 can access when installed. Review these capabilities before using with AI agents like Cursor, Claude Code, or Codex.
Filesystem Access
Reads and writes to the filesystem.
Process Spawning
This package can spawn child processes.
Environment Variables
Accesses the following environment variables.
AGENTS.md for pm2
Good instructions lead to good results. brin adds pm2 documentation to your AGENTS.md so your agent knows how to use it properly—improving both safety and performance.
brin initVercel's research: 100% accuracy with AGENTS.md vs 53% without →
pm2 Documentation & Source Code
For the full pm2 README, API documentation, and source code, visit the official package registry.
Frequently asked questions about pm2 safety
Install (safety-checked)
Weekly Downloads
Version
6.0.14License
AGPL-3.0Last Scanned
Trust Score
CVEs (1)
pm2 Regular Expression Denial of Service vulnerability
Capabilities
Reads & Writes files
Spawns child processes
Accesses: ASZ_MODE, C9_USER, COMP_CWORD...