PkgRadar

PyPI · pypi.org

cm-cluster-on-demand

Credential file access: matched ".ssh/"

Why PkgRadar flagged 11.33.0

SeveritySignalEvidence
mediumCredential file accessmatched ".ssh/" · cm_cluster_on_demand-11.33.0/src/clusterondemand/cloudconfig/headcommands.py

Scanned versions

VersionVerdictScoreScanned (UTC)
11.33.0Review272026-05-29

Block this in CI

PkgRadar gates cm-cluster-on-demand (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi cm-cluster-on-demand==11.33.0
Start free — 25 scans / moView full evidence