Overall

gatsby

📦 npm Package

Kyle Mathews

Blazing fast modern site generator for React

v5.16.1

Medium Risk6.4/10

Scanned June 1, 2026

Risk Flags

Developer identity not verified by the platform

No privacy policy found despite requesting multiple permissions

5.9

Permissions

5.0

Developer

10.0

Data Privacy

2.0

Policy Match

Permissions (13)

Process execution library

dep:execa

High

Extended filesystem operations

dep:fs-extra

Medium

File pattern matching

dep:glob

Low

HTTP client — makes network requests

dep:axios

Low

HTTP fetch — makes network requests

dep:node-fetch

Low

HTTP client — makes network requests

dep:got

Low

WebSocket connections

dep:socket.io

Medium

HTTP server framework

dep:express

Medium

Reads environment variables from .env files

dep:dotenv

Medium

Runs code automatically after npm install: node scripts/postinstall.js

script:postinstall

High

Runs on install and before publish: cross-env NODE_ENV=production npm run build

script:prepare

Medium

Installs executable CLI commands

capability:binary

Medium

167 dependencies — large supply chain surface

dependencies:large

High

Developer

NameKyle Mathews

Verified PublisherUnverified

Known EntityNot recognized

Websitehttps://github.com/gatsbyjs/gatsby/tree/master/packages/gatsby#readme

Contactmathews.kyle@gmail.com

Data Flows

No external data transmission detected

This tool does not appear to send data to external servers.

Privacy Policy Analysis

Policy Status

No policy found

Policy Mismatches Found

Package includes network libraries but no privacy documentation

Alternatives to Consider

@headlessui/react

0 permissions

8.9

@radix-ui/react-dialog

0 permissions

8.9

@tanstack/react-query

Know what your tools are really doing.

Scan your own tools Browse Catalog

SamuAI

gatsby

Risk Flags

Permissions (13)

Developer

Data Flows

Privacy Policy Analysis

Alternatives to Consider

Embed Score Badge