Is React Signature Canvas Safe?

React Signature Canvas — Nerq Trust Score 76.0/100 (B+ grade). Based on analysis of 2 trust dimensions, it is generally safe but has some concerns. Last updated: 2026-04-01.

Yes, React Signature Canvas is safe to use. React Signature Canvas is a Node.js package with a Nerq Trust Score of 76.0/100 (B+), based on 3 independent data dimensions. It is recommended for production use. Security: 90/100. Popularity: 75/100. Data sourced from npm registry, GitHub repository, NVD, OSV.dev, and OpenSSF Scorecard. Last updated: 2026-04-01. Machine-readable data (JSON).

Safety Guide: React Signature Canvas

What is React Signature Canvas?

React Signature Canvas is a Node.js package — A React wrapper component around signature_pad. 100% test coverage, types, examples, & more. Unopinionated and heavily updated fork of react-signature-pad.

How to Verify Safety

Run npm audit to check for vulnerabilities. Review the package's GitHub repository for recent commits.

You can also check the trust score via API: GET /v1/preflight?target=react-signature-canvas

Key Safety Concerns for Node.js packages

When evaluating any Node.js package, watch for: dependency vulnerabilities, malicious packages, typosquatting.

Trust Assessment

React Signature Canvas has a Nerq Trust Score of 76/100 (B+) and meets Nerq trust threshold. This score is based on automated analysis of security, maintenance, community, and quality signals.

Key Takeaways

• React Signature Canvas has a Trust Score of 76/100 (B+).
• Recommended for use — passes trust threshold.
• Always verify independently using the Nerq API.

Disclaimer: Nerq trust scores are automated assessments based on publicly available signals. They are not endorsements or guarantees. Always conduct your own due diligence.