PyPI · pypi.org
agilab
Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.
Why PkgRadar flagged 2026.6.16
| Severity | Signal | Evidence |
|---|---|---|
| high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · agilab-2026.6.16/src/agilab/evidence/evidence_contract.py |
| medium | Suspicious Publish Context | {"package_age_days":2,"publisher":"Jean-Pierre Morard","burst_same_day":2,"burst_week":15,"lure":null,"version_anomaly":true,"new_account":false} |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2026.6.16 | High risk | 50 | 2026-06-16 |
2026.6.14.1 | High risk | 50 | 2026-06-14 |
2026.6.13.1 | High risk | 50 | 2026-06-13 |
2026.6.13 | High risk | 50 | 2026-06-13 |
2026.6.12 | High risk | 50 | 2026-06-12 |
2026.6.8 | High risk | 40 | 2026-06-08 |
2026.6.5 | High risk | 40 | 2026-06-06 |
2026.6.4.2 | High risk | 40 | 2026-06-04 |
2026.6.4.1 | High risk | 40 | 2026-06-04 |
2026.6.4 | Low risk | 0 | 2026-06-04 |
2026.6.2.post1 | Low risk | 0 | 2026-06-03 |
2026.6.2 | High risk | 40 | 2026-06-02 |
2026.6.1 | High risk | 40 | 2026-06-01 |
2026.5.31.post1 | High risk | 40 | 2026-05-31 |
2026.5.31 | High risk | 40 | 2026-05-30 |
2026.5.30.post1 | High risk | 40 | 2026-05-30 |
2026.5.30 | High risk | 40 | 2026-05-29 |
2026.5.29 | High risk | 45 | 2026-05-28 |
Block this in CI
pkgradar gate --ecosystem pypi agilab==2026.6.16