Last active
September 8, 2025 20:38
-
-
Save metruzanca/7fb8d0089f1788c0b3c7f1100a4aed6e to your computer and use it in GitHub Desktop.
A prompt for cursor to check for the recent attack on chalk/debug npm packages.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| I'm investingating impact of a recent supply chain attack. I need you to tell me exactly what version of these packages are we using. | |
| - [email protected] | |
| - [email protected] (appears to have been yanked as of 8 Sep 18:09 CEST) | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| - [email protected] | |
| Please use grep to analyse the package lock file and tell me what versions we're using and if they're safe |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment