npm · registry.npmjs.org
@gravity-platform/aws-dynamodb
Credential file access: matched ".aws"
Why PkgRadar flagged 1.1.4
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched ".aws" · package/dist/DynamoDB/node/executor.js |
| high | Credential file access | matched ".aws" · package/dist/DynamoDBFetch/node/executor.js |
| high | Credential file access | matched ".aws" · package/dist/DynamoDBService/node/executor.js |
| high | Credential file access | matched ".AWS" · package/dist/credentials/index.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.1.3 | Low risk | 0 | 2026-06-12 |
1.1.6 | Low risk | 0 | 2026-06-12 |
1.1.4 | Review | 80 | 2026-05-24 |
1.1.5 | Review | 80 | 2026-05-24 |
Related campaigns
- payner35 — 14 releases, max score 139
Block this in CI
pkgradar gate --ecosystem npm @gravity-platform/[email protected]