Severity: Critical
CVSS Score: 9.8
All versions of `my-very-own-package` contain malicious code. The package sends the output of `process.versions`, `process.arch` and `process.platform` to a remote server in a postinstall script. ## Recommendation Remove the package from your environment. There are no further signs of compromise.