Book a demo →
npm package report

Is nanoid safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/nanoid
npm packagelast checked 2026-06-10

nanoid · verdict ALLOW · no known risk

0.6/10
XYZ SCORE
SUMMARY

Verdict ALLOW · 40 known dependencies · provenance: unknown

Re-check live →

SIGNALS
Advisory HistoryclearOK

2 historical advisory record(s) on this package (max severity MODERATE). Add a version to check whether it is affected.

DEPENDENCIES
benchmark@^2.1.4clean
chalk@^2.1.0clean
chalk@^2.2.0clean
chalk@^2.3.0clean
chalk@^2.3.1clean
chalk@^2.4.1clean
docdash@^0.4.0clean
eslint@^4.10.0clean
eslint@^4.17.0clean
eslint@^4.19.1clean
eslint@^4.4.0clean
eslint@^4.4.1clean
eslint@^4.7.0clean
eslint@^4.8.0clean
eslint@^4.9.0clean
eslint@^5.0.1clean
eslint-ci@^0.1.1clean
eslint-config-logux@^16.0.0clean
eslint-config-logux@^16.2.0clean
eslint-config-logux@^19.0.0clean
PACKAGE nanoidECOSYSTEM npmDECISION ALLOW

Baked snapshot · run a live check for the current verdict · browse all packages