PkgRadar

PyPI · pypi.org

anuga

Remote Payload: matched "wget\n\n"

Why PkgRadar flagged 3.3.7

SeveritySignalEvidence
mediumRemote Payloadmatched "wget\n\n" · anuga-3.3.7/tools/install_conda.sh
mediumRemote Payloadmatched "wget " · anuga-3.3.7/tools/install_conda_macos.sh
mediumRemote Payloadmatched "wget " · anuga-3.3.7/tools/install_conda_macos_travis.sh
mediumRemote Payloadmatched "wget " · anuga-3.3.7/tools/install_conda_travis.sh
mediumRemote Payloadmatched "wget " · anuga-3.3.7/tools/install_conda_ubuntu.sh
mediumRemote Payloadmatched "wget\n\n\n" · anuga-3.3.7/tools/install_conda_ubuntu_20_04.sh
mediumRemote Payloadmatched "wget\n\n\n" · anuga-3.3.7/tools/install_conda_ubuntu_22_04.sh
mediumRemote Payloadmatched "wget " · anuga-3.3.7/tools/install_miniforge.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
3.3.7High risk432026-06-06

Block this in CI

PkgRadar gates anuga (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi anuga==3.3.7
Start free — 25 scans / moView full evidence