Stripe and Google Cloud Storage Are Both CRITICAL on npm

Company reputation doesn’t fix credential concentration.

The stripe npm package processes payments for millions of businesses. It has 12 million downloads per week and one npm publisher: a service account called stripe-bindings.

If someone compromises that account’s credentials, they can publish a malicious version, and every npm install that resolves to it (any CI pipeline or deploy that installs stripe from a version range rather than a lockfile pin) pulls it on its next run. This is not a theoretical risk. The axios attack in March 2026 followed the same pattern: one publisher, stolen credentials, 97 million machines exposed.


The audit

I ran five infrastructure packages through Commit’s behavioral audit:

Package                 Score  Publishers  Downloads/wk  Risk
next                       95           4         37.7M  -
@aws-sdk/client-s3         92           2         29.1M  -
stripe                     86           1         12.2M  CRITICAL
@google-cloud/storage      75           1         12.4M  CRITICAL
prisma                     88           2         12.4M  -

Two of the five are CRITICAL. Not because Stripe or Google have bad security practices; they don’t. The flag is there because npm’s publish model concentrates access in a single credential.


What CRITICAL means here

Commit flags a package as CRITICAL when it has a single npm publisher and more than 10 million weekly downloads. This is the attack surface that the axios, LiteLLM, and event-stream attacks exploited. The attacker doesn’t need to find a vulnerability in the code. They need one credential.

stripe also has hasDangerousWorkflow: true from the OpenSSF Scorecard. Scorecard’s Dangerous-Workflow check flags GitHub Actions patterns that let untrusted input run with the repository’s privileges: for example a workflow triggered on pull_request_target (which runs with the repository’s secrets and a write-capable token) that checks out and executes the pull request’s code, or a run step that interpolates attacker-controlled PR fields such as the title or branch name into a shell command. Combined with a single publisher, this creates two independent attack paths: steal the publisher credential directly, or get code running inside the CI job that holds it.

What’s not at risk

To be clear: Stripe the company has strong security infrastructure. Their API, their dashboard and their card processing run on systems they control. The risk here is specifically the npm distribution channel. The stripe npm package is the SDK that 12 million weekly installs pull into their own applications. If a malicious version gets published, it runs in your CI pipeline and on your production servers, not Stripe’s.


The structural fix

There are two paths out:

  1. Add a second npm publisher. next has 4 publishers. @aws-sdk/client-s3 has 2. Be precise about what this buys: npm lets any single maintainer publish, so a second account does not force an attacker to steal two credentials. What it removes is the single point of failure: if one account is compromised, another maintainer can deprecate the bad version, drop the compromised account and rotate access without waiting on the affected one, and the second account can live with a different team or on different hardware. It costs nothing beyond keeping that second account under the same 2FA and credential hygiene as the first. You can see who holds publish rights on any package with npm view stripe maintainers.
  2. Enable npm Trusted Publishing. The workflow requests an OIDC token from GitHub Actions, npm exchanges it for a short-lived publish credential, and the published version carries a provenance attestation tying it to that specific run. No long-lived tokens to steal. stripe already publishes with provenance (hasProvenance: true), which is good, but provenance on its own only proves where a version came from; it does not stop someone holding a stolen token from publishing a version without it. Trusted Publishing removes the token, and mandatory 2FA on the publisher account protects the web login that configures it. Together they are the full solution.

Compare: prisma has 12.4 million downloads/week and 2 publishers. It’s not CRITICAL. The difference is one npm owner add command.
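As an added example (not Stripe’s actual workflow and not from this post), here is the workflow shape that produces the hasDangerousWorkflow finding discussed above, followed by a release workflow that publishes through npm Trusted Publishing as described in step 2. Both are constructed for illustration: the workflow names, Node version and environment name are placeholders. Trusted Publishing also has to be configured once on npmjs.com (the package’s settings, pointing at this repository and this workflow file) and requires npm CLI 11.5.1 or newer, which is why the release job upgrades npm before publishing.

```yaml
# ---- BEFORE (constructed): the pattern Scorecard's Dangerous-Workflow check flags ----
# pull_request_target runs in the context of the base branch: it gets the
# repository's secrets and a write-capable GITHUB_TOKEN. Checking out the PR
# head and running its scripts hands all of that to whoever opened the PR.
name: ci-unsafe
on:
  pull_request_target:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # untrusted code...
      - run: npm ci && npm test                            # ...now executes with secrets in scope
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}              # a postinstall script in the PR can read this
# Fix: trigger on `pull_request` instead (fork PRs then get a read-only token and
# no secrets), and never expose a publish token to a test job at all.
---
# ---- AFTER (constructed): release via npm Trusted Publishing ----
# No NPM_TOKEN secret exists. The job requests an OIDC id-token, npm exchanges
# it for a short-lived publish credential, and the resulting version carries a
# provenance attestation pointing back at this exact run.
name: release
on:
  push:
    tags: ["v*"]
permissions:
  contents: read
jobs:
  publish:
    runs-on: ubuntu-latest
    environment: npm-release          # placeholder; a protected environment means a tag push alone cannot publish
    permissions:
      id-token: write                 # the only extra permission Trusted Publishing needs
      contents: read
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          registry-url: https://registry.npmjs.org
      - run: npm install -g npm@latest   # Trusted Publishing needs npm 11.5.1 or newer
      - run: npm ci
      - run: npm publish --provenance --access public   # authenticates via OIDC, not a token
```

The only privilege the release job carries beyond a read-only checkout is id-token: write, and that token is useless outside the npm exchange. Gating the job behind a protected environment with required reviewers is the CI-side equivalent of a second publisher: a compromised developer account can push a tag, but cannot publish on its own.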


Check your own dependencies

Run this in any project:

npx proof-of-commitment --file package.json

Or paste packages into the web audit. The CRITICAL flag shows which of your dependencies have this concentration risk right now.