Book a demo →
npm package report

Is ajv safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/ajv
npm packagelast checked 2026-06-10

ajv · verdict BLOCK · blocked

9.2/10
XYZ SCORE
SUMMARY

Verdict BLOCK · 40 known dependencies · provenance: none found

Re-check live →

SIGNALS
Advisory HistoryclearOK

2 historical advisory record(s) on this package (max severity MODERATE). Add a version to check whether it is affected.

Commit-Level AnalysistriggeredCRITICAL

ci: use separate token to push to ajv-dist (#2608) * ci: use separate token to push to ajv-dist * use default token * remove from env --------- Co-authored-by: Evgeny @ SimpleX Chat <259188159+evgeny-simplex@users.noreply.github.com>

DEPENDENCIES
ajv-async@^0.1.0clean
ajv-async@^1.0.0clean
ajv-async@^1.0.0-beta.0clean
ajv-formats@^0.2.0clean
ajv-formats@^0.3.0clean
ajv-formats@^0.3.2clean
ajv-formats@^0.5.0clean
ajv-formats@^0.6.1clean
ajv-formats@^1.5.0clean
ajv-formats@^2.0.0clean
ajv-formats@^2.0.0-beta.0clean
ajv-formats@^2.0.0-beta.2clean
ajv-formats@^3.0.0-rc.0clean
ajv-formats@^3.0.1clean
ajv-pack@^0.1.0clean
@ajv-validator/config@^0.2.2clean
@ajv-validator/config@^0.2.3clean
@ajv-validator/config@^0.3.0clean
@ajv-validator/config@^0.5.0clean
bluebird@^3.1.5clean
PACKAGE ajvECOSYSTEM npmDECISION BLOCK

Baked snapshot · run a live check for the current verdict · browse all packages