PkgRadar

PyPI · pypi.org

agntspace

Py Install Time Os System: Direct shell invocation via os.system / os.popen / os.exec*.

Why PkgRadar flagged 1.123.0

SeveritySignalEvidence
highPy Install Time Os SystemDirect shell invocation via os.system / os.popen / os.exec*. · agntspace-1.123.0/src/agntspace/api/routes/setup.py
highPy Runtime Base64 Decodebase64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · agntspace-1.123.0/src/agntspace/channels/whatsapp.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.123.0High risk852026-06-11
1.122.0High risk852026-06-11
1.120.0High risk852026-06-11
1.119.0High risk852026-06-10
1.118.0High risk852026-06-10
1.117.0High risk852026-06-08
1.116.0High risk852026-06-08
1.115.2High risk852026-06-07
1.115.1High risk852026-06-07
1.115.0High risk852026-06-07
1.114.1High risk852026-06-07
1.114.0High risk852026-06-06
1.113.0High risk852026-06-06
1.112.0High risk852026-06-06
1.111.2High risk852026-06-06
1.111.1High risk852026-06-06
1.111.0High risk852026-06-06
1.110.0High risk852026-06-03
1.109.0High risk852026-06-03
1.108.2High risk852026-06-01
1.108.0High risk852026-05-30
1.108.1High risk852026-05-30
1.107.0High risk852026-05-30
1.106.0High risk852026-05-30
1.105.0High risk852026-05-30
1.104.1High risk852026-05-30
1.104.0High risk852026-05-30
1.103.1High risk852026-05-30
1.103.0High risk852026-05-30
1.102.2High risk852026-05-30
1.102.1High risk852026-05-30
1.102.0High risk852026-05-30

Block this in CI

PkgRadar gates agntspace (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi agntspace==1.123.0
Start free — 25 scans / moView full evidence