Big update!Introducing GitHub Bot Commands. Learn more
Socket
Log inDemoInstall

Environment variable access

Severity

Low

Description

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Suggestion

Packages should be clear about which environment variables they access, and care should be taken to ensure they only access environment variables they claim to.


Packages with this issue

Socket[email protected]

Product

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc