Credential theft leads to repository poisoning According to an analysis by Checkmarx, the python-sdk Top.gg repository had the malicious code committed from a GitHub account called editor-syntax.