PkgRadar

RubyGems · rubygems.org

pwn

Credential file access: matched ".ssh/"

Why PkgRadar flagged 0.5.573

SeveritySignalEvidence
highCredential file accessmatched ".ssh/" · vagrant/provisioners/jenkins_ssh-keygen.rb
mediumRemote Payloadmatched "curl " · lib/pwn/ai/agent/burp_suite.rb
mediumRemote Payloadmatched "wget " · packer/provisioners/phantomjs.rb

Scanned versions

VersionVerdictScoreScanned (UTC)
0.5.573High risk272026-06-09

Block this in CI

PkgRadar gates pwn (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem rubygems [email protected]
Start free — 25 scans / moView full evidence
pwn — RubyGems security scan | PkgRadar