Package evidence

@f5xc-salesdemos/[email protected]

Credential file access: matched ".SSH"

Recommended action

Block this update

Static evidence trips multiple high-signal indicators. Quarantine the release until the publisher validates the change or you can rule out the indicators below.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@f5xc-salesdemos/[email protected]"],"fail_on":"high"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@f5xc-salesdemos/[email protected]"],"fail_on":"high"}'

Publisherrobinmordasiewicz

Artifact bytes101,503

Previous version18.77.3

Published2026-05-23T23:47:26.813Z

SHA-256fa9018dc46055530ef703438cffd27732970c16f106debc256a37ed9e5dd26c5

Why flagged

What the scanner saw

Credential file access: matched ".SSH"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

high

20d agoLast checked

highRisk

66Score

18.77.4Version

Status history (1 event)

new → available20d ago · risk high · score 66 · status changed

Related candidates

Linked campaigns and clusters

Publisher / release actor burststale

robinmordasiewicz

12 members · evidence strength 84

Repeated static TTPstale

Credential file access — matched ".SSH"

84 members · evidence strength 90

Evidence

Static findings

13 static · 0 from release diff · showing high-signal first.

Severity	Kind	Path	Detail	Points
high	Credential file access	package/src/keys.ts	matched ".SSH"	30

Show all 13 findings (low-signal and informational)

Severity	Kind	Path	Detail	Points
high	Credential file access	package/src/keys.ts	matched ".SSH"	30
low	Obfuscation	package/src/bracketed-paste.ts	matched "\\x1b"	3
low	Obfuscation	package/src/components/editor.ts	matched "\\x1b"	3
low	Obfuscation	package/src/horizontal-split.ts	matched "\\x1b"	3
low	Obfuscation	package/src/components/image.ts	matched "\\x1b"	3
low	Obfuscation	package/src/components/input.ts	matched "\\x1b"	3
low	Obfuscation	package/src/keys.ts	matched "\\x7f"	3
low	Obfuscation	package/src/components/markdown.ts	matched "\\x1b"	3
low	Obfuscation	package/src/stdin-buffer.ts	matched "\\x1b"	3
low	Obfuscation	package/src/terminal-capabilities.ts	matched "\\x1b"	3
low	Obfuscation	package/src/terminal.ts	matched "\\x1b"	3
low	Obfuscation	package/src/tui.ts	matched "\\x1b"	3
low	Obfuscation	package/src/utils.ts	matched "\\x1b"	3

Manifest

Package metadata

Scripts6

checkbiome check . && bun run check:types
check:typestsgo -p tsconfig.json --noEmit
fixbiome check --write --unsafe .
fmtbiome format --write .
lintbiome lint .
testbun test --preload ./test/preload.ts test/*.test.ts

Dependencies3

@f5xc-salesdemos/pi-natives18.77.4
@f5xc-salesdemos/pi-utils18.77.4
marked^17.0