Book a demo →
npm package report

Is jsonwebtoken safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/jsonwebtoken
npm packagelast checked 2026-06-10

jsonwebtoken · verdict ALLOW · no known risk

0.6/10
XYZ SCORE
SUMMARY

Verdict ALLOW · 40 known dependencies · provenance: unknown

Re-check live →

SIGNALS
Advisory HistoryclearOK

5 historical advisory record(s) on this package (max severity CRITICAL). Add a version to check whether it is affected.

Anomaly HistoryclearOK

2 historical anomaly alert(s) (maintainer_change, transitive_malicious_dep) on this package. Add a version to check whether it is affected.

DEPENDENCIES
atob@^1.1.2clean
atob@~1.1.2clean
atob@^2.1.2clean
cb@^0.1.0clean
chai@*clean
chai@^1.10.0clean
chai@~1.10.0clean
chai@^4.1.2clean
conventional-changelog@~1.1.0clean
cost-of-modules@^1.0.1clean
eslint@^4.19.1clean
joi@^10.0.1clean
joi@^6.10.1clean
joi@~6.10.1clean
joi@~8.0.5clean
jws@~0.2.2clean
jws@~0.2.6clean
jws@~1.0.0clean
jws@~1.0.1clean
jws@~2.0.0clean
PACKAGE jsonwebtokenECOSYSTEM npmDECISION ALLOW

Baked snapshot · run a live check for the current verdict · browse all packages