Book a demo →
npm package report

Is cypress safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/cypress
npm packagelast checked 2026-06-10

cypress · verdict BLOCK · blocked

9.2/10
XYZ SCORE
SUMMARY

Verdict BLOCK · 40 known dependencies · provenance: none found

Re-check live →

SIGNALS
Commit-Level AnalysistriggeredCRITICAL

chore: open auto-update PRs as cypress-bot via App installation token (#33702)

Anomaly HistoryclearOK

1 historical anomaly alert(s) (transitive_malicious_dep) on this package. Add a version to check whether it is affected.

DEPENDENCIES
arch@2.1.1clean
arch@^2.1.2clean
arch@2.1.2clean
arch@^2.2.0clean
asciify@^1.3.5clean
blob-util@^2.0.2clean
blob-util@2.0.2clean
bluebird@^2.9.34clean
bluebird@3.3.4clean
bluebird@^3.4.5clean
bluebird@3.5.0clean
bluebird@^3.7.2clean
bluebird@3.7.2clean
buffer@^5.6.0clean
buffer@^5.7.1clean
cachedir@1.2.0clean
cachedir@1.3.0clean
cachedir@^2.3.0clean
cachedir@2.3.0clean
chai@^3.2.0clean
PACKAGE cypressECOSYSTEM npmDECISION BLOCK

Baked snapshot · run a live check for the current verdict · browse all packages