Book a demo →
npm package report

Is cross-env safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/cross-env
npm packagelast checked 2026-06-10

cross-env · verdict ALLOW · no known risk

0.6/10
XYZ SCORE
SUMMARY

Verdict ALLOW · 40 known dependencies · provenance: unknown

Re-check live →

SIGNALS
All signals clearclearOK

No known-malicious match, advisory, commit-level finding or anomaly.

DEPENDENCIES
add-to-path@1.1.2clean
all-contributors-cli@^4.0.1clean
babel@5.8.23clean
babel-cli@^6.23.0clean
babel-cli@^6.24.1clean
babel-core@^6.23.1clean
babel-jest@^19.0.0clean
babel-preset-env@^1.2.0clean
babel-preset-stage-2@^6.22.0clean
babel-register@^6.23.0clean
@babel/runtime@^7.6.2clean
chai@3.3.0clean
codecov@^1.0.1clean
codecov.io@0.1.6clean
commitizen@1.0.5clean
commitizen@2.4.4clean
commitizen@^2.9.6clean
cross-spawn@2.0.0clean
cross-spawn@^3.0.1clean
cross-spawn@^5.1.0clean
PACKAGE cross-envECOSYSTEM npmDECISION ALLOW

Baked snapshot · run a live check for the current verdict · browse all packages