Book a demo →
npm package report

Is sharp safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/sharp
npm packagelast checked 2026-06-10

sharp · verdict ALLOW · no known risk

0.6/10
XYZ SCORE
SUMMARY

Verdict ALLOW · 40 known dependencies · provenance: unknown

Re-check live →

SIGNALS
Advisory HistoryclearOK

3 historical advisory record(s) on this package (max severity HIGH). Add a version to check whether it is affected.

DEPENDENCIES
array-flatten@^3.0.0clean
async@*clean
async@^0.6.2clean
async@^0.8.0clean
async@^0.9.0clean
async@^1.1.0clean
async@^1.3.0clean
async@^1.4.2clean
async@^1.5.0clean
async@^1.5.2clean
async@^2.0.1clean
async@^2.1.0clean
async@^2.1.2clean
async@^2.1.4clean
async@^2.2.0clean
async@^2.4.1clean
async@^2.5.0clean
async@^2.6.0clean
async@^2.6.1clean
async@^2.6.2clean
PACKAGE sharpECOSYSTEM npmDECISION ALLOW

Baked snapshot · run a live check for the current verdict · browse all packages