PyPI · pypi.org
agent-security-harness
Webhook Exfil Endpoint: matched "webhook.site"
Why PkgRadar flagged 4.5.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "webhook.site" · agent_security_harness-4.5.0/protocol_tests/capability_profile_harness.py |
| high | Python Bun Js Exec | Python file references the Bun JavaScript runtime — cross-language execution · agent_security_harness-4.5.0/protocol_tests/mcp_supplychain.py |
| high | Python Bun Js Exec | Python file references the Bun JavaScript runtime — cross-language execution · agent_security_harness-4.5.0/protocol_tests/watermark_harness.py |
| medium | Remote Payload | matched "curl " · agent_security_harness-4.5.0/protocol_tests/cloud_agent_harness.py |
| medium | Remote Payload | matched "curl " · agent_security_harness-4.5.0/protocol_tests/crewai_cve_harness.py |
| medium | Remote Payload | matched "curl " · agent_security_harness-4.5.0/protocol_tests/extended_enterprise_adapters.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
4.5.0 | High risk | 161 | 2026-06-09 |
Block this in CI
pkgradar gate --ecosystem pypi agent-security-harness==4.5.0