npm · registry.npmjs.org

@rongcloud/imlib-next

Credential file access: matched ".AWS"

Why PkgRadar flagged 5.42.0-c-f-reaction-alpha.1

Severity	Signal	Evidence
high	Credential file access	matched ".AWS" · package/index.cjs
high	Credential file access	matched ".AWS" · package/index.cjs.js
high	Credential file access	matched ".AWS" · package/index.esm.js
high	Credential file access	matched ".AWS" · package/index.mjs

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`5.30.0-enterprise.6`	Low risk	0	2026-06-08
`5.42.0-c-reaction-alpha.3`	Low risk	0	2026-06-04
`5.40.0-c-reaction-alpha.2`	Low risk	0	2026-06-04
`5.40.0`	Low risk	0	2026-06-01
`5.42.0-c-f-reaction-alpha.1`	Review	50	2026-05-25
`5.30.0-enterprise-alpha.16`	Review	50	2026-05-25
`5.40.0-alpha.4`	Review	50	2026-05-25

Related campaigns

Block this in CI

PkgRadar gates @rongcloud/imlib-next (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @rongcloud/[email protected]