PkgRadar

Package evidence

[email protected]

Credential file access: matched ".AWS"

Recommended action

Block this update

Static evidence trips multiple high-signal indicators. Quarantine the release until the publisher validates the change or you can rule out the indicators below.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["[email protected]"],"fail_on":"high"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["[email protected]"],"fail_on":"high"}'
Publishergeekdada
Artifact bytes154,976
Previous version3.14.0
Published2026-05-23T07:29:22.877Z
SHA-2565d4c93a2dd6bcf9129f02cab76aa7c182acfd249098b0581502f330cace0cfea

Why flagged

What the scanner saw

Credential file access: matched ".AWS"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

high
Last checked
highRisk
63Score
3.15.0Version
Status history (1 event)
  1. newavailable · risk high · score 63 · status changed

Related candidates

Linked campaigns and clusters

Publisher / release actor burststale

geekdada

2 members · evidence strength 56

Evidence

Static findings

6 static · 0 from release diff · showing high-signal first.

SeverityKindPathDetailPoints
highCredential file accesspackage/build/utils/index.jsmatched ".AWS"30
mediumRemote Payloadpackage/build/config.jsmatched "cUrl "12
mediumRemote Payloadpackage/build/constant/constant.jsmatched "curl "12
Show all 6 findings (low-signal and informational)
SeverityKindPathDetailPoints
highCredential file accesspackage/build/utils/index.jsmatched ".AWS"30
mediumRemote Payloadpackage/build/config.jsmatched "cUrl "12
mediumRemote Payloadpackage/build/constant/constant.jsmatched "curl "12
lowObfuscationpackage/build/constant/constant.jsmatched "eval("3
lowObfuscationpackage/build/utils/flag.jsmatched "\\u4E00"3
lowObfuscationpackage/build/utils/index.jsmatched "Buffer.from(str, 'base64"3

Manifest

Package metadata

Scripts17
  • buildtsc --build tsconfig.build.json
  • changelogconventional-changelog -p angular -i CHANGELOG.md -s -r 0
  • check-vuepress-versionncu -f "*vuepress*" --interactive --target @next -p pnpm
  • cleanpnpm run build --clean
  • coverageTS_NODE_FILES=true nyc ava
  • devpnpm run build -- --watch
  • docs:buildNODE_ENV=production vuepress build docs
  • docs:devNODE_ENV=development vuepress dev docs
  • releasebumpp && pnpm publish
  • release:betabumpp --preid beta --no-push && pnpm publish --tag beta
  • run-examplenode ./scripts/run-example.js
  • testrun-s build test:lint test:unit test:cli
  • test:climocha
  • test:cli:updateCHAI_JEST_SNAPSHOT_UPDATE_ALL=true pnpm test:cli
  • test:linteslint .
  • test:typestsc --noEmit
  • test:unitava
Dependencies47
  • @babel/parser^7.28.5
  • @brillout/import^0.2.6
  • @oclif/core^2.16.0
  • @oclif/plugin-help^5.2.20
  • @oclif/plugin-plugins^3.10.1
  • @royli/hygen^6.2.0
  • @surgio/eslint-config-surgio^2.0.0
  • @surgio/logger^1.3.0
  • ali-oss^6.23.0
  • bluebird^3.7.2
  • bytes^3.1.2
  • cache-manager^5.7.6
  • cache-manager-ioredis-yet^1.2.2
  • chalk^4.1.2
  • change-case^4.1.2
  • check-node-version^4.2.1
  • compare-versions^6.1.1
  • date-fns^2.30.0
  • detect-newline^3.1.0
  • dotenv^16.6.1
  • emoji-regex^10.6.0
  • eslint^9.28.0
  • execa^4.1.0
  • filesize^10.1.6
  • fs-extra^11.3.3
  • got^11.8.6
  • hpagent^1.2.0
  • inquirer^8.2.7
  • ioredis^5.8.2
  • is-gzip^2.0.0
  • …and 17 more.