tessl/npm-lodash-modularized
The complete modularized lodash v3.0.3 library exported as standalone npm packages for utility functions, collections, objects, arrays, and more.
—
Pending
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Securityby
Pending
The risk profile of this skill
This version of the tile failed moderation
Malicious code detected in tile.json: Supply chain attack - typosquatting. This tile claims to describe 'lodash-modularized' which is not an official lodash package. The legitimate lodash packages are 'lodash' or 'lodash-es'. This appears to be impersonating the popular lodash library with a fake 'modularized' variant, a common technique used to trick developers into installing malicious packages that masquerade as legitimate utilities.
tile.json
{
"name": "tessl/npm-lodash-modularized",
"version": "3.0.1",
"docs": "docs/index.md",
"describes": "pkg:npm/lodash-modularized@3.0.3",
"summary": "The complete modularized lodash v3.0.3 library exported as standalone npm packages for utility functions, collections, objects, arrays, and more.",
"private": false
}