PyPI · pypi.org

mahavishnu

Credential file access: matched "aws_secret_access_key"

Why PkgRadar flagged 0.7.2

Severity	Signal	Evidence
high	Credential file access	matched "aws_secret_access_key" · mahavishnu-0.7.2/mahavishnu/core/code_index/signature_redaction.py
medium	Remote Payload	matched "curl " · mahavishnu-0.7.2/config/clients/diagnose.sh
medium	Remote Payload	matched "curl " · mahavishnu-0.7.2/config/clients/quickstart.sh

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.7.2`	High risk	54	2026-06-08

Block this in CI

PkgRadar gates mahavishnu (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi mahavishnu==0.7.2