Rubocop complains about gemspec.test_files plus the test-files contain insecure Gemfile.lock files which can sometimes trigger other vulnerability scanners when they scan bundler-audit.