-= Per source details. Do not edit below this line.=-
The OpenSSF Package Analysis project identified 'river-build' @ 0.0.1 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.