PkgRadar

PyPI · pypi.org

arifos

Py Runtime Dynamic Dangerous Import: Dynamic __import__('os') — reflection bypass for static checks.

Why PkgRadar flagged 1!2026.6.11

SeveritySignalEvidence
highPy Runtime Dynamic Dangerous ImportDynamic __import__('os') — reflection bypass for static checks. · arifos-1!2026.6.11/arifosmcp/intelligence/tools/system_monitor.py
mediumCredential file accessmatched ".ssh/" · arifos-1!2026.6.11/arifosmcp/runtime/sovereign_verify.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1!2026.6.11High risk382026-06-05
1!2026.6.10High risk382026-06-05
1!2026.6.5High risk382026-06-05
1!2026.6.9Low risk02026-06-05
1!2026.6.8Low risk02026-06-05
1!2026.6.7Low risk02026-06-05
2026.6.6Low risk02026-06-05
2026.6.5Low risk02026-06-05
2026.6.4Low risk02026-06-04
2026.5.26Low risk02026-06-04

Block this in CI

PkgRadar gates arifos (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi arifos==1!2026.6.11
Start free — 25 scans / moView full evidence