npm package report

Is helmet safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/helmet

npm packagelast checked 2026-06-10

helmet · verdict ALLOW · no known risk

0.6/10

XYZ SCORE

SUMMARY

Verdict ALLOW · 40 known dependencies · provenance: unknown

SIGNALS

All signals clearclearOK

No known-malicious match, advisory, commit-level finding or anomaly.

DEPENDENCIES

camelize@0.1.xclean

camelize@1.0.xclean

connect@2.11.xclean

connect@2.18.xclean

connect@2.19.xclean

connect@3.0.xclean

connect@3.3.1clean

connect@3.3.3clean

connect@3.3.4clean

connect@3.3.5clean

connect@3.4.0clean

connect@3.4.1clean

connect@3.5.0clean

connect@3.6.0clean

connect@3.6.2clean

connect@^3.6.5clean

connect@3.6.5clean

connect@^3.6.6clean

connect@^3.7.0clean

depd@1.0.1clean

PACKAGE helmetECOSYSTEM npmDECISION ALLOW

Baked snapshot · run a live check for the current verdict · browse all packages