npm · registry.npmjs.org

@agent-vm/gondolin-adapter

Credential file access: matched ".aws"

Why PkgRadar flagged 0.0.84

Severity	Signal	Evidence
medium	Credential file access	matched ".aws" · package/dist/index.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.0.97`	Low risk	0	2026-06-12
`0.0.96`	Low risk	0	2026-06-11
`0.0.95`	Low risk	0	2026-06-10
`0.0.94`	Low risk	0	2026-06-10
`0.0.93`	Low risk	0	2026-06-08
`0.0.92`	Low risk	0	2026-05-30
`0.0.91`	Low risk	0	2026-05-28
`0.0.90`	Low risk	0	2026-05-28
`0.0.89`	Low risk	0	2026-05-28
`0.0.88`	Low risk	0	2026-05-28
`0.0.84`	Review	7	2026-05-27
`0.0.85`	Review	7	2026-05-27
`0.0.82`	Review	7	2026-05-25
`0.0.81`	Review	7	2026-05-25
`0.0.80`	Review	30	2026-05-24
`0.0.78`	Review	30	2026-05-24
`0.0.79`	Review	30	2026-05-24

Block this in CI

PkgRadar gates @agent-vm/gondolin-adapter (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @agent-vm/[email protected]