PkgRadar

npm · registry.npmjs.org

slek-ai-cli

Credential File Packaged: package/.env

Why PkgRadar flagged 1.1.16

SeveritySignalEvidence
highCredential File Packagedpackage/.env · package/.env

Scanned versions

VersionVerdictScoreScanned (UTC)
1.1.16High risk352026-06-13
1.1.13High risk242026-06-10
1.1.15High risk242026-06-10
1.1.12High risk242026-06-10
1.1.11High risk352026-06-10
1.1.10High risk352026-06-10
1.1.9High risk352026-06-10
1.1.8High risk352026-06-10
1.1.4High risk242026-06-10
1.1.3High risk242026-06-10
1.1.1High risk242026-06-10
1.1.2High risk242026-06-10
1.1.39Low risk02026-06-04
1.1.40Low risk02026-06-04
1.1.38Low risk02026-06-04
1.1.37Low risk02026-06-03
1.1.36Low risk02026-06-03
1.1.35Low risk02026-06-03
1.1.34Low risk02026-06-03
1.1.32Low risk02026-06-02
1.1.33Low risk02026-06-02
1.1.28Low risk02026-06-02
1.1.29Low risk02026-06-02
1.1.25Low risk02026-06-02
1.1.24Low risk02026-06-02
1.1.23Low risk02026-06-02
1.1.22Low risk02026-06-02
1.1.21Low risk02026-06-01
1.1.20Low risk02026-06-01
1.1.19Low risk02026-06-01
1.1.18Low risk02026-05-31
1.1.17Low risk02026-05-31
1.1.7Low risk02026-05-30
1.1.6Low risk02026-05-30
1.1.5Low risk02026-05-30
1.0.0Low risk02026-05-30

Block this in CI

PkgRadar gates slek-ai-cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence