// npm package
customerdigital-ui-containers-lib
security holding package
weekly
658
monthly
862
versions
1
maintainers
0
first publish
2026-05-16
publisher
npm
tarball
472 B
AUTO-PUBLISHED·2 versions indexed·latest published 2026-05-29
// publisher campaignby npm
9 caught packages from this accountThis is not an isolated catch. The same publisher has shipped 8 other packages that our pipeline flagged — the shape of a coordinated campaign, not a one-off. Each link below opens that sibling's analysis.
// offending code· @0.0.1-security· no static-pattern hits
llm: benign · 0.85→ No suspicious destination, no remote-exec shape — no network destinations.
- @0.0.1-security··AUTO-PUBLISHED·publisher: npmheuristic 92/100static flags 0llm benign (0.85) via ollamanew-publisher:10dtiny-tarball:472bfirst-version-of-packagepublisher-multi-name-burst:5publisher-version-pump:6osv-flagged:MAL-2026-4543
→ No suspicious destination, no remote-exec shape — no network destinations.
// offending code· no static-pattern hits
--- package.json (entry) --- { "name": "customerdigital-ui-containers-lib", "version": "0.0.1-security", "description": "security holding package", "repository": "npm/security-holder" } - @99.16.9··AUTO-PUBLISHED
