// AI tooling

AI / LLM API key theft

패턴: reads-ai-api-keys

Packages that read OPENAI_API_KEY, ANTHROPIC_API_KEY, GROQ_API_KEY or other LLM-vendor environment variables. Increasingly common as AI tooling becomes ambient in developer workflows.

2개 패키지에 이 패턴이 매칭됨. 최신순.

• AUTO-PUBLISHED/pypi/12h ago

  pipeline-check@1.1.0

  by Daniel Martin

  CI/CD Security Posture Scanner — scores AWS, Terraform, CloudFormation, GitHub Actions, GitLab CI, Azure DevOps, Bitbucket Pipelines, Jenkins, CircleCI, Google Cloud Build, Buildkite, Drone CI, Tekton, Argo Workflows, Dockerfile, Kubernetes manifests, Helm charts, OCI image manifests, SCM repo posture (GitHub / GitLab / Bitbucket), npm and pypi dependency files against OWASP Top 10 CI/CD Risks and 14 other compliance frameworks

  steals →npm tokenGitHub PATGitLab PATAI API keys

  py-pip-install-runtimereads-github-tokensreads-gitlab-tokens
• AUTO-PUBLISHED/npm/2026-03-29/MAL-2026-3847

  openclaw-cn@0.2.0

  by jiulingyun

  Openclaw 中文版 - WhatsApp gateway CLI (Baileys web) with Pi RPC agent

  steals →AI API keys→ sends tohttps://api.openai.com/v1/audio/transcriptions

  archive-then-uploadreads-ai-api-keysreads-env-varsbase64-decodepy-urllib-requestchild-process-spawnpublic-github-push