npm · registry.npmjs.org
polymind_last1
Credential File Packaged: package/.next/standalone/.env
Why PkgRadar flagged 1.2.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential File Packaged | package/.next/standalone/.env · package/.next/standalone/.env |
| medium | Remote Payload | matched "github.com/FiloSottile/mkcert/releases/download" · package/.next/standalone/node_modules/.pnpm/[email protected]_@[email protected][email protected][email protected][email protected]/node_modules/next/dist/lib/mkcert.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.2.0 | High risk | 52 | 2026-06-05 |
1.1.0 | High risk | 52 | 2026-06-05 |
1.0.4 | High risk | 52 | 2026-06-05 |
1.0.3 | High risk | 52 | 2026-06-05 |
1.0.2 | High risk | 52 | 2026-06-05 |
1.0.1 | High risk | 52 | 2026-06-05 |
1.0.0 | High risk | 52 | 2026-06-05 |
0.0.0-development | Review | 5 | 2026-06-05 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]