@cyberhub/trust-nitropack
v1.0.0
Security Trust Report for nitropack — 67/100 (B, standard). Maintainer risk and vulnerability analysis from 8 security databases.
Downloads
33
Security Trust Report: nitropack
Score: 67/100 | Grade: B | Tier: STANDARD
This package has notable risk factors. Review flags below.
Score Breakdown
| Category | Score |
|----------|-------|
| Maintainer Trust | 72/100 |
| Package Health | 85/100 |
| Supply Chain | 56/100 |
| Community | 43/100 |
Vulnerabilities
No known vulnerabilities.
Flags
- HIGH: Maintainer(s) removed in v2.9.7: pi0
- HIGH: Burst publishing detected — 5+ versions in a single day
- HIGH: 70 direct dependencies — large attack surface
- HIGH: Depends on historically compromised package: semver
- HIGH: 1 direct dependency has known security issues
- HIGH: Depends on "semver" which has ReDoS CVE-2022-25883
- MEDIUM: New maintainer(s) added in v2.10.0: pi0
- MEDIUM: Single maintainer — bus factor risk
- MEDIUM: 70 direct dependencies
- MEDIUM: No GitHub repo found — community signals unavailable
Maintainers
- pi0 (2FA)
