{"package":"node.js","ecosystem":"npm","latest_version":"0.0.1-security","description":"security holding package","license":"","homepage":"https://github.com/npm/security-holder#readme","repository":"https://github.com/npm/security-holder","downloads_weekly":3567,"health":{"score":49,"risk":"high","breakdown":{"maintenance":0,"popularity":6,"security":25,"maturity":15,"community":3},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":0,"low":1,"details":[{"vuln_id":"MAL-2025-27668","severity":"unknown","summary":"Malicious code in node.js (npm)","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2025-08-14T18:52:04Z"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"0.0.1-security","total_count":1,"recent":["0.0.1-security"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":2,"first_published":"2013-09-30T02:53:59.847Z","last_published":"2020-03-12T13:35:55.570Z","dependencies_count":0,"dependencies":[]},"bundle":null,"typescript":{"score":0,"has_types":false,"types_source":null,"types_package":null},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"recommendation":{"action":"do_not_use","summary":"Do not install. Package is flagged as malicious (advisory MAL-2025-27668).","version_hint":null},"requested_version":null,"_cache":"miss","_response_ms":877,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":true,"advisory_id":"MAL-2025-27668","summary":"Malicious code in node.js (npm)","action":"do_not_install","downloads_weekly_at_check":3567},"scorecard":{"available":false},"quality":{"available":false}}