npm · registry.npmjs.org
pi-studio
Credential file access: matched ".ssh"
Why PkgRadar flagged 0.9.16
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched ".ssh" · package/client/studio-client.js |
| high | Credential file access | matched ".SSH" · package/shared/studio-ssh-hint.js |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/themes/pi-studio-dark.json |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/themes/pi-studio-light.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.9.32 | Low risk | 0 | 2026-06-10 |
0.9.31 | Low risk | 0 | 2026-06-10 |
0.9.30 | Low risk | 0 | 2026-06-09 |
0.9.29 | Low risk | 0 | 2026-06-08 |
0.9.28 | Low risk | 0 | 2026-06-08 |
0.9.27 | Low risk | 0 | 2026-06-08 |
0.9.26 | Low risk | 0 | 2026-06-03 |
0.9.25 | Low risk | 0 | 2026-06-01 |
0.9.24 | Low risk | 0 | 2026-06-01 |
0.9.23 | Low risk | 0 | 2026-05-31 |
0.9.22 | Low risk | 0 | 2026-05-29 |
0.9.21 | Low risk | 0 | 2026-05-28 |
0.9.20 | Low risk | 0 | 2026-05-27 |
0.9.19 | Low risk | 0 | 2026-05-26 |
0.9.18 | Low risk | 0 | 2026-05-25 |
0.9.16 | Review | 60 | 2026-05-24 |
0.9.17 | Review | 60 | 2026-05-24 |
Related campaigns
- omacl — 2 releases, max score 66
Block this in CI
pkgradar gate --ecosystem npm [email protected]