Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →

@cyberhub/trust-nitropack

Package Overview

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

@cyberhub/trust-nitropack

Security Trust Report for nitropack — 67/100 (B, standard). Maintainer risk and vulnerability analysis from 8 security databases.

latest

Version: 1.0.0

Version published: 2 months ago

Weekly downloads: 16

Maintainers: 1

Weekly downloads

Created: 2 months ago

Security Trust Report: nitropack

Score: 67/100 | Grade: B | Tier: STANDARD

This package has notable risk factors. Review flags below.

Score Breakdown

Category	Score
Maintainer Trust	72/100
Package Health	85/100
Supply Chain	56/100
Community	43/100

Vulnerabilities

No known vulnerabilities.

Flags

HIGH: Maintainer(s) removed in v2.9.7: pi0
HIGH: Burst publishing detected — 5+ versions in a single day
HIGH: 70 direct dependencies — large attack surface
HIGH: Depends on historically compromised package: semver
HIGH: 1 direct dependencies have known security issues
HIGH: Depends on "semver" which has ReDoS CVE-2022-25883
MEDIUM: New maintainer(s) added in v2.10.0: pi0
MEDIUM: Single maintainer — bus factor risk
MEDIUM: 70 direct dependencies
MEDIUM: No GitHub repo found — community signals unavailable

Maintainers

pi0 (2FA)

pkgtrust | Dashboard | Updated 2026-04-02

Keywords

FAQs

What is @cyberhub/trust-nitropack?

Is @cyberhub/trust-nitropack popular?

Is @cyberhub/trust-nitropack well maintained?

Package last updated on 02 Apr 2026

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Related posts