npm · registry.npmjs.org
runspec-node
Credential file access: matched ".ssh"
Why PkgRadar flagged 0.15.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched ".ssh" · package/dist/jump.js |
| high | Credential file access | matched ".ssh" · package/src/jump.ts |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/dist/cli.js |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/dist/runspec.toml |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/src/runspec.toml |
| medium | Remote Payload | matched "raw.githubusercontent.com" · package/src/cli.ts |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.33.1 | Low risk | 0 | 2026-06-15 |
0.33.0 | Low risk | 0 | 2026-06-14 |
0.32.0 | Low risk | 0 | 2026-06-12 |
0.31.0 | Low risk | 0 | 2026-06-12 |
0.30.0 | Low risk | 0 | 2026-06-12 |
0.29.0 | Low risk | 0 | 2026-06-12 |
0.28.1 | Low risk | 0 | 2026-06-10 |
0.28.0 | Low risk | 0 | 2026-06-08 |
0.27.0 | Low risk | 0 | 2026-06-05 |
0.26.1 | Low risk | 0 | 2026-06-04 |
0.26.0 | Low risk | 0 | 2026-06-04 |
0.25.0 | Low risk | 0 | 2026-06-04 |
0.24.0 | Low risk | 0 | 2026-06-04 |
0.23.0 | Low risk | 0 | 2026-06-04 |
0.22.0 | Low risk | 0 | 2026-06-03 |
0.21.0 | Low risk | 0 | 2026-06-03 |
0.19.0 | Low risk | 0 | 2026-06-03 |
0.17.1 | Low risk | 0 | 2026-05-28 |
0.17.0 | Low risk | 0 | 2026-05-27 |
0.16.0 | Low risk | 0 | 2026-05-26 |
0.15.0 | Review | 74 | 2026-05-24 |
0.13.1 | Review | 74 | 2026-05-24 |
0.14.0 | Review | 74 | 2026-05-24 |
Related campaigns
- finestjason — 3 releases, max score 74
Block this in CI
pkgradar gate --ecosystem npm [email protected]