Package Exports
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@cyberhub/trust-honcho-theme) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
Security Trust Report: honcho-theme
honcho-theme@99.9.2: 65/100 | Grade: B | Tier: STANDARD (confidence: ±3)
Scanned on 2026-04-30 from 8 security databases. View package on npm →
TL;DR
- No critical vulnerabilities from live scan
- Pin your version and monitor for changes
Score Breakdown
Maintainer Trust: ████████████░░░░░░░░ 59/100
Package Health: ██████████████░░░░░░ 72/100
Supply Chain: █████████████████░░░ 83/100
Community: ████████░░░░░░░░░░░░ 40/100Why this score?
- Maintainer Trust is 59 because: single maintainer (bus factor risk)
- Community is 40 because: no public GitHub repo linked (may be private or on another platform)
Vulnerabilities
✅ No known vulnerabilities detected across 8 security databases.
Key Risk Flags
- 🟠 HIGH: Primary maintainer account is less than 6 months old (0 days)
- 🟠 HIGH: No license declared
🛠️ What Should You Do?
Always: Pin version, run pkgtrust scan in CI, monitor at nrupak.com/trust/honcho-theme
Maintainers (1)
- kills_sh ✅ 2FA (freemail) — Trust profile
Methodology: 18+ signals across 4 categories (Maintainer 35%, Package 25%, Supply Chain 25%, Community 15%). Full scoring docs →
Check your project: npm i -g @cyberhub/pkgtrust && pkgtrust scan honcho-theme — CLI docs
Data Sources: GitHub Advisories · OSV.dev · npm audit · Snyk · Socket.dev · npms.io · Bundlephobia · deps.dev · CISA KEV · Packagephobia · OpenSSF Scorecard · Ecosyste.ms · GitHub Enhanced · Keybase · npm Provenance
Report by pkgtrust · Dashboard · Compare · CLI
This is an automated security report. Not affiliated with the honcho-theme team. Updated 2026-04-30.