PyPI · pypi.org

mem0ai

Credential file access: matched "aws_access_key"

Why PkgRadar flagged 2.0.5

Severity	Signal	Evidence
medium	Credential file access	matched "aws_access_key" · mem0ai-2.0.5/mem0/embeddings/aws_bedrock.py
medium	Credential file access	matched "GOOGLE_APPLICATION_CREDENTIALS" · mem0ai-2.0.5/mem0/embeddings/vertexai.py

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2.0.5`	Review	17	2026-06-10
`2.0.3`	Review	17	2026-05-30
`2.0.4`	Review	37	2026-05-27

Block this in CI

PkgRadar gates mem0ai (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi mem0ai==2.0.5