@actagent/amazon-bedrock-provider flagged credential stealer (npm) — Cremit · NHI Credential Stealer Index