Composer · packagist.org
cipi/api
Credential file access: matched "AWS_SECRET_ACCESS_KEY"
Why PkgRadar flagged 1.11.8
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched "AWS_SECRET_ACCESS_KEY" · cipi-sh-api-c94acf0/src/Mcp/Support/McpProductionContent.php |
| medium | Remote Payload | matched "curl " · cipi-sh-api-c94acf0/src/Services/CipiServerStatusService.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.11.8 | High risk | 42 | 2026-06-10 |
1.11.3 | Low risk | 0 | 2026-06-10 |
1.11.4 | Low risk | 0 | 2026-06-10 |
1.10.0 | Low risk | 0 | 2026-06-09 |
1.8.1 | Low risk | 0 | 2026-06-02 |
Block this in CI
pkgradar gate --ecosystem composer cipi/[email protected]