PkgRadar

PyPI · pypi.org

sandcastle-ai

Credential file access: matched "aws_access_key"

Why PkgRadar flagged 0.33.0

SeveritySignalEvidence
highCredential file accessmatched "aws_access_key" · sandcastle/main.py
highCredential file accessmatched "aws_access_key" · sandcastle/engine/telemetry.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.33.0High risk1002026-06-04

Block this in CI

PkgRadar gates sandcastle-ai (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi sandcastle-ai==0.33.0
Start free — 25 scans / moView full evidence