Severity: Critical
CVSS Score: 9.8
All versions of `discord.js-user` contain malicious code. The package uploads the user's Discord token to a remote server. ## Recommendation Remove the package from your environment. Ensure any compromised tokens are invalidated.