Package evidence

@owox/[email protected]

Credential file access: matched ".AWS"

Recommended action

Block this update

Static evidence trips multiple high-signal indicators. Quarantine the release until the publisher validates the change or you can rule out the indicators below.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@owox/[email protected]"],"fail_on":"high"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@owox/[email protected]"],"fail_on":"high"}'

Publishermax-voloshyn

Artifact bytes827,705

Previous version0.26.0-next-20260522131154

Published2026-05-22T13:17:21.564Z

SHA-256030fda5220cd58098ca69d55ff32e09cad02186984cbeb1a16bd70782c2cdbf4

Why flagged

What the scanner saw

Credential file access: matched ".AWS"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

high

19d agoLast checked

highRisk

936Score

0.26.0-next-20260522131549Version

Status history (1 event)

new → available19d ago · risk high · score 936 · status changed

Related candidates

Linked campaigns and clusters

Publisher / release actor burststale

max-voloshyn

6 members · evidence strength 75

Evidence

Static findings

33 static · 0 from release diff · showing high-signal first.

Showing 30 of 31 findings.

Severity	Kind	Path	Detail	Points
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-access.validator.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-blended-query-builder.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-create-view.executor.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-data-mart-schema.parser.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-data-mart-schema.provider.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-datamart.validator.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-query.builder.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/interfaces/athena-reader-state.interface.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-report-headers-generator.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-report-reader.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-schema-merger.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-sql-dry-run.executor.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-sql-run.executor.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/services/connector/connector-storage-config.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/services/credential-type-resolver.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/factories/data-storage-public-credentials.factory.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/enums/data-storage-type.enum.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/field-aggregation.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-destination-types/looker-studio-connector/services/looker-studio-type-mapper.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-access.validator.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-blended-query-builder.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-create-view.executor.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-data-mart-schema.parser.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-data-mart-schema.provider.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-datamart.validator.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-query.builder.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-report-headers-generator.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-report-reader.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-schema-merger.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-sql-dry-run.executor.js	matched ".AWS"	30

Show all 33 findings (low-signal and informational)

Severity	Kind	Path	Detail	Points
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-access.validator.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-blended-query-builder.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-create-view.executor.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-data-mart-schema.parser.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-data-mart-schema.provider.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-datamart.validator.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-query.builder.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/interfaces/athena-reader-state.interface.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-report-headers-generator.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-report-reader.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-schema-merger.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-sql-dry-run.executor.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/athena/services/athena-sql-run.executor.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/services/connector/connector-storage-config.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/services/credential-type-resolver.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/factories/data-storage-public-credentials.factory.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/enums/data-storage-type.enum.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/field-aggregation.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-destination-types/looker-studio-connector/services/looker-studio-type-mapper.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-access.validator.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-blended-query-builder.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-create-view.executor.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-data-mart-schema.parser.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-data-mart-schema.provider.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-datamart.validator.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-query.builder.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-report-headers-generator.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-report-reader.service.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-schema-merger.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-sql-dry-run.executor.js	matched ".AWS"	30
high	Credential file access	package/dist/src/data-marts/data-storage-types/redshift/services/redshift-sql-run.executor.js	matched ".AWS"	30
low	Obfuscation	package/dist/src/data-marts/data-destination-types/google-sheets/adapters/google-sheets-api.adapter.js	matched "fromCharCode"	3
low	Obfuscation	package/dist/src/common/template/constants/table-truncation-notice.constants.js	matched "\\u2063"	3

Manifest

Package metadata

Scripts30

buildnest build
build:cleanshx rm -rf dist
build:connectorsnpm run build -w @owox/connectors --prefix ../..
build:depnpm run build:internal-helpers && npm run build:connectors && npm run build:idp-protocol
build:idp-protocolnpm run build -w @owox/idp-protocol --prefix ../..
build:internal-helpersnpm run build -w @owox/internal-helpers --prefix ../..
devnpm run start:dev
dump:applyts-node commands/apply-dump-command.ts
dump:createts-node commands/create-dump-command.ts
formatprettier --write "**/*.{ts,json}" --ignore-path ../../.prettierignore
format:checkprettier --check "**/*.{ts,json}" --ignore-path ../../.prettierignore
linteslint . --config ./eslint.config.mjs
lint:fixeslint . --fix --config ./eslint.config.mjs
lint:mdmarkdownlint-cli2 --config ../../.markdownlint-cli2.mjs
lint:md:fixmarkdownlint-cli2 --config ../../.markdownlint-cli2.mjs --fix
migrations:create-templatets-node commands/create-migration-template-command.ts
prebuildnpm run build:clean && npm run build:dep
prepacknpm run build
prepublishOnlynpm run lint
servenpm run start:prod
startnest start
start:debugnest start --debug --watch --env-file ../../.env
start:devnest start --watch --env-file ../../.env
start:prodnode dist/src/main
testjest
test:covjest --coverage
test:debugnode --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand
test:e2ejest --config ./test/jest-e2e.json
test:integrationjest --config ./test/jest-integration.json
test:watchjest --watch

Dependencies45

@aws-sdk/client-athena^3.983.0
@aws-sdk/client-redshift-data^3.983.0
@aws-sdk/client-s3^3.983.0
@databricks/sql^1.12.0
@google-cloud/bigquery^8.1.0
@google-cloud/pubsub^4.0.7
@nestjs/common^11.0.1
@nestjs/config^4.0.2
@nestjs/core^11.1.2
@nestjs/event-emitter^3.0.0
@nestjs/platform-express^11.1.3
@nestjs/schedule^6.0.0
@nestjs/swagger^11.2.0
@nestjs/typeorm^11.0.0
@owox/connectors0.26.0-next-20260522131549
@owox/idp-protocol0.26.0-next-20260522131549
@owox/internal-helpers0.26.0-next-20260522131549
better-sqlite3^12.2.0
class-transformer^0.5.1
class-validator^0.14.2
compression^1.8.1
cross-spawn^7.0.6
env-paths^3.0.0
googleapis^150.0.1
handlebars^4.7.9
jsonwebtoken^9.0.0
juice^11.0.3
luxon^3.6.1
mysql2^3.14.1
nestjs-cls^6.0.1
…and 15 more.