PkgRadar

PyPI · pypi.org

autogluon-multimodal

Remote Payload: matched "github.com/SwinTransformer/storage/releases/download"

Why PkgRadar flagged 1.5.1b20260527

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/SwinTransformer/storage/releases/download" · autogluon_multimodal-1.5.1b20260527/src/autogluon/multimodal/configs/pretrain/detection/dino/dino-5scale_swin-l_8xb2-12e_coco.py
mediumRemote Payloadmatched "github.com/Megvii-BaseDetection/YOLOX/releases/download" · autogluon_multimodal-1.5.1b20260527/src/autogluon/multimodal/models/mmdet_image.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.5.1b20260613Low risk02026-06-13
1.5.1b20260612Low risk02026-06-12
1.5.1b20260611Low risk02026-06-11
1.5.1b20260610Low risk02026-06-10
1.5.1b20260609Low risk02026-06-09
1.5.1b20260608Low risk02026-06-08
1.5.1b20260607Low risk02026-06-07
1.5.1b20260606Low risk02026-06-06
1.5.1b20260605Low risk02026-06-05
1.5.1b20260604Low risk02026-06-04
1.5.1b20260603Low risk02026-06-03
1.5.1b20260602Low risk02026-06-02
1.5.1b20260601Low risk02026-06-01
1.5.1b20260531Low risk02026-05-31
1.5.1b20260530Low risk02026-05-30
1.5.1b20260529Low risk02026-05-29
1.5.1b20260528Low risk02026-05-28
1.5.1b20260527Review122026-05-27

Block this in CI

PkgRadar gates autogluon-multimodal (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi autogluon-multimodal==1.5.1b20260527
Start free — 25 scans / moView full evidence