The package communicates with a domain associated with malicious activity.
-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified '@hub-la/payments-proto' @ 12.0.1 (npm) as malicious.
It is considered malicious because:
{
"malicious-packages-origins": [
{
"modified_time": "2025-07-16T12:28:21Z",
"import_time": "2025-07-16T12:47:34.377250132Z",
"versions": [
"12.0.1"
],
"source": "ossf-package-analysis",
"sha256": "788034b39545c288d45be9fa12e76155c224c8537b86eed7b0aaf0cf4e501908"
}
]
}