Axios Security Check

Checks for the March 2026 axios supply chain attack — two malicious npm versions ([email protected] and [email protected]) that injected a RAT dropper via a fake dependency ([email protected]). Use this skill whenever a user a

Pre-install review · source, risk, and alternatives

vjumpkungAuthor unclaimedClear sourceView repository

C · Review first

Trust level

81 · High trust

Strong recovered source and maintenance signals.

Risk decision

High attention

needs credentials, network access, runs shell, writes files

Install readiness

script-backed · copy-only command

SkillTrust only shows install guidance and copy actions; it never executes installs.

Install guidance

Review before install

Supported tools can change install steps; Universal entries need source review.

Copy-only command

Universal

npm list axios 2>/dev/null | grep -E "1\.14\.1|0\.30\.4"

Risk warning

needs credentials, network access, runs shell, writes files

Open install docs Repository