PkgRadar

PyPI · pypi.org

holobit-sdk

Credential file access: matched "AWS_ACCESS_KEY"

Why PkgRadar flagged 1.2.0

SeveritySignalEvidence
mediumCredential file accessmatched "AWS_ACCESS_KEY" · holobit_sdk-1.2.0/holobit_sdk/cloud/aws.py
mediumCredential file accessmatched "GOOGLE_APPLICATION_CREDENTIALS" · holobit_sdk-1.2.0/holobit_sdk/cloud/gcp.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.2.0Review142026-06-06

Block this in CI

PkgRadar gates holobit-sdk (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi holobit-sdk==1.2.0
Start free — 25 scans / moView full evidence
holobit-sdk — PyPI security scan | PkgRadar