
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
pi-env-probe
Advanced tools
Cross-platform environment diagnostics for Pi — shell, PATH, runtime, encoding, non-ASCII path risks in compact JSON
Cross-platform environment diagnostics for Pi — shell, PATH, runtime, encoding, and non-ASCII path risks in compact JSON.
pi-env-probe collects lightweight environment diagnostics and returns them as compact JSON. Use it from the CLI, as a Pi slash command, or import probe() in your own tooling.
bash, pwsh, cmd, zsh, or null)PATH; on Windows, : on POSIX)probe() — subprocess failures degrade to false / nullInstall the published npm package with Pi:
pi install npm:pi-env-probe
Install into the current project instead of your user Pi settings:
pi install npm:pi-env-probe -l
Or install from GitHub:
pi install git:github.com/eiei114/pi-env-probe
Try it without permanently installing:
pi -e npm:pi-env-probe
Try this package locally:
pi -e .
Then run:
/env-probe
Or use the standalone CLI:
node bin/env-probe.js
| Path | Purpose |
|---|---|
lib/ | Shared probe logic (probe.ts) |
extensions/ | Pi extension registering /env-probe |
bin/ | Standalone CLI entry point |
npm install
npm run ci
npm install
npm run typecheck
npm test
node bin/env-probe.js
node bin/env-probe.js | node -e "process.stdin.on('data',d=>{JSON.parse(d);console.log('valid JSON')})"
npm pack --dry-run
This package is set up for npm Trusted Publishing, so no NPM_TOKEN is required.
npm version patch
git push --follow-tags
MIT — see LICENSE.
FAQs
Cross-platform environment diagnostics for Pi — shell, PATH, runtime, encoding, non-ASCII path risks in compact JSON
The npm package pi-env-probe receives a total of 25 weekly downloads. As such, pi-env-probe popularity was classified as not popular.
We found that pi-env-probe demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.