npm · registry.npmjs.org
@memberjunction/server
Credential file access: matched ".AWS"
Why PkgRadar flagged 5.36.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched ".AWS" · package/dist/config.js |
| high | Credential file access | matched ".AWS" · package/src/config.ts |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/dist/resolvers/FeedbackResolver.js |
| medium | Remote Payload | matched "cUrl " · package/dist/index.js |
| medium | Remote Payload | matched "cUrl " · package/dist/resolvers/MCPResolver.js |
| medium | Remote Payload | matched "cUrl " · package/dist/agents/skip-sdk.js |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/src/resolvers/FeedbackResolver.ts |
| medium | Remote Payload | matched "cUrl " · package/src/index.ts |
| medium | Remote Payload | matched "cUrl " · package/src/resolvers/MCPResolver.ts |
| medium | Remote Payload | matched "cUrl " · package/src/agents/skip-sdk.ts |
| medium | Large Javascript Payload | 5777388 bytes · package/dist/generated/generated.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
5.41.0 | Low risk | 0 | 2026-06-16 |
5.40.2 | Low risk | 0 | 2026-06-10 |
5.40.1 | Low risk | 0 | 2026-06-09 |
5.40.0 | Low risk | 0 | 2026-06-09 |
5.39.0 | Low risk | 0 | 2026-06-05 |
5.38.0 | Low risk | 0 | 2026-05-30 |
5.36.0 | Review | 134 | 2026-05-24 |
5.37.0 | Review | 134 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm @memberjunction/[email protected]