Package evidence

@pencil.dev/[email protected]

Credential file access: matched "GOOGLE_APPLICATION_CREDENTIALS"

Trust signals

Why this verdict

PkgRadar discounts a release’s score when public reputation argues against novel malware. The verdict above already reflects these — the panel just explains what was applied.

Weekly downloads: 2,258Niche · −30% score
Versions published: 10
First published: Mar 2026
Publisher: GitHub ActionsTrusted automation · −70% score

Effective trust discount applied: −70% (max across signals — discounts don’t stack). New install-lifecycle deltas vs the previous release would clear the discount.

Recommended action

Review before promoting

Mixed signals: the package has indicators worth reading before allowing the update in automated dependency flows.

Inspect tarball Add to CI gate

Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["@pencil.dev/[email protected]"],"fail_on":"review"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["@pencil.dev/[email protected]"],"fail_on":"review"}'

PublisherGitHub Actions

Artifact bytes19,436,898

Previous version0.2.6

Published2026-05-30T07:34:12.216Z

SHA-2560ef7ba8e332f5a234f09cb15ced083e0dd9290f381938c9e2dea5b56cc039dc3

Why flagged

What the scanner saw

Credential file access: matched "GOOGLE_APPLICATION_CREDENTIALS"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

review

18d agoLast checked

reviewRisk

6Score

0.2.7Version

Status history (1 event)

new → available18d ago · risk review · score 6 · status changed

Evidence

Static findings

6 static · 0 from release diff · showing high-signal first.

No high-signal findings — see all findings below.

Show all 6 findings (low-signal and informational)

Severity	Kind	Path	Detail	Points
low	Credential file access	package/dist/env-api-keys-C1FTK3Yb.mjs	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/env-api-keys-Cwc_jpxR.mjs	matched "GOOGLE_APPLICATION_CREDENTIALS"	5
low	Credential file access	package/dist/google-shared-C9yMv18j.mjs	matched "AWS_ACCESS_KEY"	5
low	Credential file access	package/dist/google-shared-CV4JFSNB.mjs	matched "AWS_ACCESS_KEY"	5
low	Large Javascript Payload	package/dist/dist-CLYWjDi-.mjs	4332172 bytes	0
low	Large Javascript Payload	package/dist/index.mjs	3817919 bytes	0

Manifest

Package metadata

Scripts12

buildtsdown && npm run bundle:chmod && npm run bundle:mcp && npm run bundle:wasm && npm run bundle:pen-libs && npm run bundle:skill
build:prodnpm run build && node scripts/obfuscate.js
bundle:chmodnode scripts/chmod-dist-entry.mjs
bundle:mcpmkdir -p dist/out && cp ../../servers/mcp/mcp-server-* dist/out/ && chmod +x dist/out/mcp-server-*
bundle:pen-libsmkdir -p dist/out/data && cp ../../lib/pencil-editor/data/*.lib.pen dist/out/data/
bundle:skillcp ../../SKILL.md ./SKILL.md
bundle:wasmnode scripts/copy-pencil-wasm.mjs
devnpm run build && cross-env NODE_ENV=development npm run start --
lintbiome check
lint:cibiome ci
startnode dist/index.mjs
test:packagebash scripts/test-package-docker.sh

Dependencies8

@anthropic-ai/claude-agent-sdk^0.3.156
@inquirer/prompts^8.3.0
@node-ipc/node-ipc^11.0.3
@openai/codex-sdk^0.133.0
eventemitter3^5.0.1
semver^7.7.4
sharp^0.34.5
svgo^4.0.0