PkgRadar

npm · registry.npmjs.org

ent-framework

Credential File Packaged: package/examples/next-example/.env

Why PkgRadar flagged 3.0.4

SeveritySignalEvidence
highCredential File Packagedpackage/examples/next-example/.env · package/examples/next-example/.env
mediumRemote Payloadmatched "curl " · package/internal/llms.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
3.0.4High risk232026-06-08
3.0.3High risk232026-06-08
2.26.1High risk232026-06-08
3.0.2High risk232026-06-08

Block this in CI

PkgRadar gates ent-framework (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence