PkgRadar

npm · registry.npmjs.org

@woocommerce/e2e-environment

Credential File Packaged: package/.env

Why PkgRadar flagged 0.2.1

SeveritySignalEvidence
highCredential File Packagedpackage/.env · package/.env
mediumRemote Payloadmatched "curl " · package/bin/install-wp-tests.sh
mediumRemote Payloadmatched "curl " · package/bin/wait-for-build.sh
mediumRemote Dependency Specdependencies.@automattic/puppeteer-utils="github:Automattic/puppeteer-utils#0f3ec50" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.2.1High risk492026-06-17
0.2.2High risk492026-06-17
0.2.3High risk412026-06-17
0.3.0High risk412026-06-17

Block this in CI

PkgRadar gates @woocommerce/e2e-environment (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @woocommerce/[email protected]
Start free — 25 scans / moView full evidence