npm · registry.npmjs.org
altair-static
Credential file access: matched ".AWS"
Why PkgRadar flagged 8.5.3
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched ".AWS" · package/build/dist/chunk-7THP26YK.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/build/dist/chunk-2OVBIND4.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/build/dist/chunk-74A26AAT.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/build/dist/chunk-CPMWLSLU.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/build/dist/chunk-GZBCODHK.js |
| medium | Remote Payload | matched "curl " · package/build/dist/chunk-OG54YGKQ.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/build/index.js |
| medium | Remote Payload | matched "cURL " · package/build/dist/assets/i18n/af-ZA.json |
| medium | Remote Payload | matched "cURL " · package/build/dist/assets/i18n/ar-SA.json |
| medium | Remote Payload | matched "cURL " · package/build/dist/assets/i18n/ca-ES.json |
| medium | Remote Payload | matched "cURL " · package/build/dist/assets/i18n/cs-CZ.json |
| medium | Remote Payload | matched "cURL " · package/build/dist/assets/i18n/da-DK.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
8.5.8-alpha.d658484.0 | Low risk | 0 | 2026-06-06 |
8.5.7 | Low risk | 0 | 2026-06-06 |
8.5.8-alpha.69d1042.0 | Low risk | 0 | 2026-06-06 |
8.5.7-alpha.3025f1c.0 | Low risk | 0 | 2026-06-06 |
8.5.7-alpha.1edee7e.0 | Low risk | 0 | 2026-06-06 |
8.5.6 | Low risk | 0 | 2026-06-06 |
8.5.6-alpha.ae4b3e4.0 | Low risk | 0 | 2026-06-06 |
8.5.6-alpha.7af8728.0 | Low risk | 0 | 2026-06-06 |
8.5.5 | Low risk | 0 | 2026-06-04 |
8.5.6-alpha.cddec71.0 | Low risk | 0 | 2026-06-04 |
8.5.4 | Low risk | 0 | 2026-06-03 |
8.5.5-alpha.e317be6.0 | Low risk | 0 | 2026-06-03 |
8.5.4-alpha.e5f673c.0 | Low risk | 0 | 2026-06-03 |
8.5.3 | Review | 114 | 2026-05-24 |
8.5.4-alpha.8244b5b.0 | Review | 114 | 2026-05-24 |
8.5.3-alpha.430ede9.0 | Review | 114 | 2026-05-24 |
8.5.3-alpha.73edbb9.0 | Review | 114 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]