PkgRadar

Package evidence

[email protected]

Credential file access: matched ".AWS"

Recommended action

Block this update

Static evidence trips multiple high-signal indicators. Quarantine the release until the publisher validates the change or you can rule out the indicators below.

Inspect tarballAdd to CI gate
Block this release in CIcurl · GitHub Actions

Fail the build when this package version is added or upgraded. Replace $PKGRADAR_TOKEN with a Pro / Team API key from your dashboard.

curl -fsS https://pkgradar.com/gate/npm \
  -H "Authorization: Bearer $PKGRADAR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"specs":["[email protected]"],"fail_on":"high"}'

GitHub Actions step:

- name: PkgRadar gate
  run: |
    curl -fsS https://pkgradar.com/gate/npm \
      -H "Authorization: Bearer ${{ secrets.PKGRADAR_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{"specs":["[email protected]"],"fail_on":"high"}'
Publishersvidgen
Artifact bytes34,965
Previous version0.1.184
Published2026-05-25T01:47:37.629Z
SHA-256e50e2ebb2b5c62ef602136738c098098932f3a2de22e8407677c4b32f1ef8cdd

Why flagged

What the scanner saw

Credential file access: matched ".AWS"

Not observed: package install, lifecycle script execution, or sandbox execution. PkgRadar only inspects on-disk artifacts.

Availability ledger

available

high
Last checked
highRisk
243Score
0.1.185Version
Status history (1 event)
  1. newavailable · risk high · score 243 · status changed

Related candidates

Linked campaigns and clusters

Publisher / release actor burststale

svidgen

14 members · evidence strength 81

Evidence

Static findings

9 static · 0 from release diff · showing high-signal first.

SeverityKindPathDetailPoints
highCredential file accesspackage/dist/resources/background-job.jsmatched ".AWS"30
highCredential file accesspackage/dist/services/email-sender.jsmatched ".AWS"30
highCredential file accesspackage/dist/services/file.jsmatched ".aws"30
highCredential file accesspackage/dist/services/llm.jsmatched ".AWS"30
highCredential file accesspackage/dist/client/realtime.jsmatched ".aws"30
highCredential file accesspackage/dist/services/realtime.jsmatched ".aws"30
highCredential file accesspackage/amplify-backend-assets/backend.tsmatched ".AWS"30
highCredential file accesspackage/amplify-backend-assets/api/handler.tsmatched ".AWS"30
Show all 9 findings (low-signal and informational)
SeverityKindPathDetailPoints
highCredential file accesspackage/dist/resources/background-job.jsmatched ".AWS"30
highCredential file accesspackage/dist/services/email-sender.jsmatched ".AWS"30
highCredential file accesspackage/dist/services/file.jsmatched ".aws"30
highCredential file accesspackage/dist/services/llm.jsmatched ".AWS"30
highCredential file accesspackage/dist/client/realtime.jsmatched ".aws"30
highCredential file accesspackage/dist/services/realtime.jsmatched ".aws"30
highCredential file accesspackage/amplify-backend-assets/backend.tsmatched ".AWS"30
highCredential file accesspackage/amplify-backend-assets/api/handler.tsmatched ".AWS"30
lowObfuscationpackage/amplify-hosting-assets/compute/default/index.jsmatched "eval("3

Manifest

Package metadata

Scripts3
  • buildnpm run clean && tsc
  • cleanrimraf dist
  • testnode --import tsx --test test/**/*.test.ts
Dependencies20
  • @aws-crypto/sha256-js^5.2.0
  • @aws-sdk/client-bedrock-runtime^3.821.0
  • @aws-sdk/client-cognito-identity-provider^3.741.0
  • @aws-sdk/client-dynamodb^3.774.0
  • @aws-sdk/client-lambda3.821.0
  • @aws-sdk/client-s3^3.738.0
  • @aws-sdk/client-ses^3.998.0
  • @aws-sdk/credential-provider-node^3.806.0
  • @aws-sdk/lib-dynamodb^3.778.0
  • @aws-sdk/protocol-http^3.370.0
  • @aws-sdk/signature-v4^3.370.0
  • copy^0.3.2
  • esbuild^0.24.2
  • jose^6.1.0
  • jsdom^25.0.0
  • recursive-copy^2.0.14
  • rimraf^6.0.1
  • wirejs-deploy-aws^0.1.185
  • wirejs-dom^1.0.44
  • wirejs-resources^0.1.185