Book a demo →
npm package report

Is colors safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/colors
npm packagelast checked 2026-06-10

colors · verdict BLOCK · blocked

9.0/10
XYZ SCORE
SUMMARY

Verdict BLOCK · 5 known dependencies · provenance: unknown

Re-check live →

SIGNALS
Known Malicious PackagematchedCRITICAL

Human-verified malicious package in the CyberXYZ corpus (Signal C).

Advisory HistoryclearOK

1 historical advisory record(s) on this package (max severity HIGH). Add a version to check whether it is affected.

Anomaly HistoryclearOK

1 historical anomaly alert(s) (maintainer_change) on this package. Add a version to check whether it is affected.

DEPENDENCIES
eslint@^4.19.1clean
eslint@^5.2.0clean
eslint@^5.4.0clean
eslint-config-google@^0.11.0clean
eslint-config-google@^0.9.1clean
PACKAGE colorsECOSYSTEM npmDECISION BLOCK

Baked snapshot · run a live check for the current verdict · browse all packages