PkgRadar

PyPI · pypi.org

cxas-scrapi

Credential file access: matched "GOOGLE_APPLICATION_CREDENTIALS"

Why PkgRadar flagged 1.4.1

SeveritySignalEvidence
mediumCredential file accessmatched "GOOGLE_APPLICATION_CREDENTIALS" · cxas_scrapi-1.4.1/src/cxas_scrapi/cli/main.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.4.1Review102026-05-29
1.4.0Review102026-05-29

Block this in CI

PkgRadar gates cxas-scrapi (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi cxas-scrapi==1.4.1
Start free — 25 scans / moView full evidence