npm · registry.npmjs.org
@sweny-ai/core
Credential file access: matched "GITHUB_TOKEN"
Why PkgRadar flagged 0.1.111
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched "GITHUB_TOKEN" · package/dist/skills/github.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.1.111 | Review | 35 | 2026-06-10 |
0.1.114 | Review | 35 | 2026-06-10 |
0.1.112 | Review | 5 | 2026-06-02 |
0.1.113 | Review | 5 | 2026-06-02 |
0.1.103 | Review | 5 | 2026-05-30 |
0.1.102 | Review | 95 | 2026-05-28 |
Block this in CI
pkgradar gate --ecosystem npm @sweny-ai/[email protected]