Package name is similar to other popular packages and may not be the package you want.
This package version is identified as malware. It has been flagged either by Socket's AI scanner and confirmed by our threat research team, or is listed as malicious in security databases and other sources.
Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable and can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Contains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
AI has identified this package as malware. This is a strong signal that the package may be malicious.
Contains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Obfuscated files are intentionally packed to hide their behavior. This could be a sign of malware.
The GitHub repository of this package may have been artificially inflated with stars (from bots, crowdsourcing, etc.).
This package contains telemetry which tracks how it is used.
This package is a joke, parody, or includes undocumented or hidden behavior unrelated to its primary function.
A new collaborator has begun publishing package versions. Package stability and security risk may be elevated.
This module accesses the network.
Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
AI has identified this package as a potential typosquat of a more popular package. This suggests that the package may be intentionally mimicking another package's name, description, or other metadata.
AI has determined that this package may contain potential security issues or vulnerabilities.
Initial human review suggests the presence of a vulnerability in this package. It is pending further analysis and confirmation.
According to your configuration, this artifact has been recently published, which could increase supply chain risk.
This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Packages less than 10 lines of code are easily copied into your own project and may not warrant the additional supply chain risk of an external dependency.
Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
The package was published by an npm account that no longer exists.
Package accesses environment variables, which may be a sign of credential stuffing or data theft.
Accesses the file system, and could potentially read sensitive data.
AI has identified unusual behaviors that may pose a security risk.
Contains high entropy strings. This could be a sign of encrypted data, leaked secrets or obfuscated code.
A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
This Chrome extension requests permissions to access browser APIs, user data, or system features.
This Chrome extension requests wildcard host permissions that grant broad access to websites.
This Chrome extension includes content scripts that execute JavaScript on specified websites.
This Chrome extension requests host permissions to access specific websites or domains.
A GitHub context variable (such as issue title, PR description, or comment body) flows into a dangerous sink (such as shell command execution). This is a critical security issue that could allow command injection or code execution attacks.
An input argument to this GitHub Action flows into a dangerous sink (such as shell command execution). This could allow a malicious user to inject commands or exploit the action.
An environment variable flows into a dangerous sink (such as shell command execution). If this environment variable comes from an untrusted source, it could be exploited to inject commands.
A GitHub context variable (such as issue title, PR description, or comment body) is being exported as an environment variable. These context values are user-controlled and could be exploited by subsequent workflow steps.
A GitHub context variable (such as issue title, PR description, or comment body) is being passed back as an output. These context values are user-controlled and could be exploited by consuming workflows.
An input argument to this GitHub Action is being exported as an environment variable. If a user of this action passes untrusted input, it could be used in an insecure manner by subsequent workflow steps.
An input argument to this GitHub Action is being passed back as an output. If a user of this action passes untrusted input, it could be used in an insecure manner by consuming workflows.
Package contains a shrinkwrap file. This may allow the package to bypass normal install procedures.
Install scripts are run when the package is installed or built. Malicious packages often use scripts that run automatically to execute payloads or fetch additional code.
This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Uses debug, reflection and dynamic code execution features.
AI agent skill contains shell command execution, pipe-to-shell patterns, or download-and-execute sequences that could allow arbitrary code execution.
AI agent skill accesses sensitive data such as environment variables, credentials, or home directory files and may transmit them to external endpoints.
AI agent skill contains hardcoded API keys, tokens, private keys, or other credentials that could be exploited if the skill is distributed.
AI agent skill attempts to override AI safety guidelines through instruction override, role reassignment, jailbreak attempts, or system prompt manipulation.
AI agent skill chains multiple tools or capabilities together in a way that could amplify a security breach beyond any single tool's access.
AI agent skill uses hex encoding, Unicode escapes, compressed payloads, or encrypted archives to hide its true behavior from review.
AI agent skill contains patterns that could exhaust system resources such as fork bombs, memory exhaustion, or large file creation.
AI agent skill installs unpinned dependencies, references external scripts, or directs agents to download software from untrusted sources.
AI agent skill performs broad file system manipulation, network scanning, or system registry modification beyond what its stated purpose requires.
AI agent skill loads or invokes other external skills, creating a chain of trust that could introduce untrusted code or behavior.
AI agent skill exhibits excessive autonomy patterns such as unbounded loops, self-modification, or remote instruction fetching that could lead to uncontrolled behavior.
AI agent skill attempts to enumerate agent capabilities or extract system prompts, which could aid an attacker in planning further exploits.
This VS Code extension enables proposed APIs, which may be unstable and expand capabilities beyond stable surfaces.
This extension activates on wildcard or startup events, increasing its runtime surface and potential impact.
This extension contributes a Debugger which can interact deeply with runtime targets.
This extension activates based on workspace file patterns, which can be broad depending on configuration.
This extension contributes a Webview, allowing custom UI and potential remote content usage.
This extension depends on other extensions at runtime.
This extension packs other extensions.
This extension declares support for untrusted workspaces, which may relax certain VS Code safety constraints.
This extension supports virtual workspaces (e.g., remote file systems), which changes trust and file access assumptions.
Contains a Critical Common Vulnerability and Exposure (CVE).
Contains a high severity Common Vulnerability and Exposure (CVE).
Contains a medium severity Common Vulnerability and Exposure (CVE).
Contains a low severity Common Vulnerability and Exposure (CVE).
This package is not very popular.
This package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.
Package has dependencies with an invalid semantic version. This could be a sign of beta, low quality, or unmaintained dependencies.
Package has a dependency with a floating version range. This can cause issues if the dependency publishes a new major version.
Package can be replaced with a Socket optimized override.
The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Package has not been updated in more than 5 years and may be unmaintained. Problems with the package may go unaddressed.
(Experimental) Something was found which is explicitly marked as unlicensed.
This package is not allowed per your license policy. Review the package's license to ensure compliance.
(Experimental) A package's licensing information has fine-grained problems.
(Experimental) Contains an SPDX license exception.
(Experimental) License information could not be found.
(Experimental) An ambiguous license classifier was found.
(Experimental) Copyleft license information was found.
(Experimental) A license not known to be considered permissive was found.
(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.
Generic ad-hoc alert, uploaded by user or produced by system diagnostics
Package contains too many files to scan efficiently. The package was not fully analyzed due to the large number of files.
