PkgRadar

PyPI · pypi.org

backfill-cli

Py Import Time Os System: Direct shell invocation via os.system / os.popen / os.exec*.

Why PkgRadar flagged 0.5.0

SeveritySignalEvidence
highPy Import Time Os SystemDirect shell invocation via os.system / os.popen / os.exec*. · backfill_cli-0.5.0/backfill_cli/__init__.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.5.0High risk502026-06-12
0.4.0High risk502026-06-12
0.3.0High risk502026-06-12

Block this in CI

PkgRadar gates backfill-cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi backfill-cli==0.5.0
Start free — 25 scans / moView full evidence
backfill-cli — PyPI security scan | PkgRadar