The package communicates with a domain associated with malicious activity.
-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified 'bufbuild-core' @ 1.0.0 (npm) as malicious.
It is considered malicious because:
{
"malicious-packages-origins": [
{
"sha256": "ea2a6d8f75509bff2876bce466f00b9c7c810394f46e6479c6e2d8b19acc9557",
"source": "ossf-package-analysis",
"import_time": "2025-07-25T00:26:48.843375189Z",
"modified_time": "2025-07-25T00:00:52Z",
"versions": [
"1.0.0"
]
}
]
}