RepoPilot

koajs/koa · Security & risks

Authoritative risk signals for koajs/koa — dependency CVEs (deps.dev), OpenSSF Scorecard, and GitHub Code Scanning. Not a substitute for your own security review.

Dependency CVEs (deps.dev)

0
Critical
0 direct
0
High
0 direct
0
Moderate
73
Deps scanned
23 direct

OpenSSF Scorecard · 6.0/10

  • Packaging
  • Branch-Protection
  • Signed-Releases
  • Token-Permissions0/10
  • CII-Best-Practices0/10
  • Fuzzing0/10
  • SAST0/10
  • Code-Review5/10

Informational only. RepoPilot summarises public signals at the time of analysis; they can be incomplete or stale. Not professional, security, or legal advice.