Does pusher-js have any known vulnerabilities?

No known CVE vulnerabilities were found for pusher-js v8.4.0 in the brin database.

What capabilities does pusher-js have?

pusher-js has the following detected capabilities: network access, filesystem access, process spawning, environment variable access. Review these before using with AI coding agents.

Can I use pusher-js safely with AI coding agents?

pusher-js has been flagged with risk indicators. Review the detected threats and capabilities before using with AI coding agents. Assessments are automated and may contain errors.

pusher-js

Q: Is pusher-js safe to use?

pusher-js v8.4.0 has warnings detected in the latest brin safety scan. Trust score: 75/100. Review the flagged concerns before use. This is an automated assessment.

npm

Is pusher-js safe to use?

The latest brin safety scan flagged pusher-js v8.4.0 with risk indicators that warrant review. No known CVE vulnerabilities. Trust score: 75/100. Review the findings below before use. This is an automated assessment and may contain errors.

Install (safety-checked)

pusher-js Has Warnings

Warnings detected due to potential concerns

warning

CVEs

Threats

Install Scripts

Risk Indicators

•Can spawn child processes

brin Recommendations

→This package has warnings detected. Evaluate the specific concerns before proceeding.

Install with brin add pusher-js to automatically apply these checks before installation.

This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.

pusher-js Capabilities & Permissions

What pusher-js can access when installed. Review these capabilities before using with AI agents like Cursor, Claude Code, or Codex.

Network Access

This package makes network requests.

ajaxian.combugs.jquery.comcode.google.comdeveloper.mozilla.orgdom.spec.whatwg.orgen.wikipedia.orges5.github.comes5.github.ioexample.comexample.net+23 more

Protocols: http, https, tcp, websocket

Filesystem Access

Reads and writes to the filesystem.

.env (r).env (r).env (r).env (r)node_modules (r).env (r).env (r).env (r)+11 more

Process Spawning

This package can spawn child processes.

Environment Variables

Accesses the following environment variables.

BROWSER_STACK_ACCESS_KEYBROWSER_STACK_USERNAMECDN_HTTPCDN_HTTPSCIINCLUDE_TWEETNACLINTEGRATION_TESTS_APP_EU_APP_IDINTEGRATION_TESTS_APP_EU_KEYINTEGRATION_TESTS_APP_EU_SECRETINTEGRATION_TESTS_APP_MT1_APP_ID+9 more

AGENTS.md for pusher-js

Good instructions lead to good results. brin adds pusher-js documentation to your AGENTS.md so your agent knows how to use it properly—improving both safety and performance.

brin init

Vercel's research: 100% accuracy with AGENTS.md vs 53% without →

pusher-js Documentation & Source Code

For the full pusher-js README, API documentation, and source code, visit the official package registry.

View on npm View Source

Frequently asked questions about pusher-js safety

Install (safety-checked)

Weekly Downloads

1.3M

Version

8.4.0

License

MIT

Last Scanned

Feb 1, 2026

Trust Score

75/100·Legitimacy signals, not safety

Capabilities

Network

Connects to: ajaxian.com, bugs.jquery.com, code.google.com...

Filesystem

Reads & Writes files

Process

Spawns child processes

Environment

Accesses: BROWSER_STACK_ACCESS_KEY, BROWSER_STACK_USERNAME, CDN_HTTP...