PkgRadar

PyPI · pypi.org

dev10x

Credential file access: matched "GITHUB_TOKEN"

Why PkgRadar flagged 0.75.0

SeveritySignalEvidence
mediumCredential file accessmatched "GITHUB_TOKEN" · dev10x-0.75.0/src/dev10x/github/__init__.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.79.0Low risk02026-06-08
0.78.0Low risk02026-06-03
0.77.0Low risk02026-06-01
0.76.0Low risk02026-05-31
0.75.0Review102026-05-27

Block this in CI

PkgRadar gates dev10x (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi dev10x==0.75.0
Start free — 25 scans / moView full evidence
dev10x — PyPI security scan | PkgRadar