Severity
Low
Description
Package accesses environment variables, which may be a sign of credential stuffing or data theft.
Suggestion
Packages should be clear about which environment variables they access, and care should be taken to ensure they only access environment variables they claim to.
Packages with this alert
A package that initializes dd trace when the `DATADOG_ENABLED true` is an environment variable, (and is lexographically superior, so that it is sorted to be "first")
A package that initializes dd trace when the environment is production, (and is lexographically superior, so that it is sorted to be "first")
🔥 single-command flamegraph profiling 🔥
This template provides a minimal setup to get React working in Vite with HMR and some ESLint rules.
Sequence: a modular web3 stack and smart wallet for Ethereum chains
Capture your command not found and tries to ssh
Read the config for your app from only the environment.
An advanced home security system integrated with artificial intelligence and smart sensors, offering enhanced protection against intrusions and real-time alert notifications.