PkgRadar

PyPI · pypi.org

ai-blackteam

Webhook Exfil Endpoint: matched "webhook.site"

Why PkgRadar flagged 1.7.1

SeveritySignalEvidence
highWebhook Exfil Endpointmatched "webhook.site" · ai_blackteam-1.7.1/src/ai_blackteam/attacks/mcp_data_exfiltration.py
highCredential file accessmatched ".aws/" · ai_blackteam-1.7.1/src/ai_blackteam/attacks/mcp_data_exfiltration.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.7.1High risk1202026-05-31
1.7.0High risk1202026-05-31
1.6.0High risk1202026-05-30
1.5.0High risk1202026-05-30
1.4.0High risk1202026-05-30
1.3.0High risk1202026-05-30

Block this in CI

PkgRadar gates ai-blackteam (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi ai-blackteam==1.7.1
Start free — 25 scans / moView full evidence