@cyberhub/trust-colors 1.0.9 → 1.0.10

package/README.md

@@ -6,7 +6,7 @@
 
 ## TL;DR
 
-- **1 vulnerability found** (1 critical, 0 high)
+- **Security incident detected** — compromised via account takeover/sabotage
 - Consider switching to **chalk** (Most popular terminal color library)
 - **Action required:** Review flags below and upgrade or replace this package
 
@@ -26,8 +26,8 @@ Community:         █████████░░░░░░░░░░░
 ### Why this score?
 
 - Maintainer Trust is 44 because: single maintainer (bus factor risk)
-- Supply Chain is 10 because: 1 known CVEs, in breach database
-- Community is 47 because: no GitHub repo found
+- Supply Chain is 10 because: 1 security incident(s) in breach database, in breach database
+- Community is 47 because: no public GitHub repo linked (may be private or on another platform)
 
 ## ⚠️ Security Incident
 
@@ -37,7 +37,7 @@ This package was compromised via account takeover/sabotage (no CVE assigned). Se
 
 - 🔴 **CRITICAL**: Package name "colors" is 2 edit(s) from popular "cors"
 - 🔴 **CRITICAL**: HISTORICAL BREACH: Maintainer sabotaged with infinite loop (2022)
-- 🔴 **CRITICAL**: 1 CRITICAL vulnerability(ies) from live CVE databases
+- 🔴 **CRITICAL**: 1 CRITICAL security incident from breach database (no CVE assigned)
 - 🔴 **CRITICAL**: Maintainer "marak" has history of package sabotage
 
 ## 🛠️ What Should You Do?

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@cyberhub/trust-colors",
-  "version": "1.0.9",
-  "description": "Security Trust Report: colors@1.4.0 — 47/100 (C, caution). 1 vulnerability found. Maintainer risk, supply chain analysis from 8 security databases.",
+  "version": "1.0.10",
+  "description": "Security Trust Report: colors@1.4.0 — 47/100 (C, caution). Security incident detected. Maintainer risk, supply chain analysis from 8 security databases.",
   "keywords": [
     "colors",
     "colors",