PkgRadar

PyPI · pypi.org

bikescout

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged 1.5.0

SeveritySignalEvidence
mediumRemote Payloadmatched "raw.githubusercontent.com" · bikescout-1.5.0/src/bikescout/app.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.5.2Low risk02026-06-15
1.5.1Low risk02026-06-03
1.5.0Review152026-05-27

Block this in CI

PkgRadar gates bikescout (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi bikescout==1.5.0
Start free — 25 scans / moView full evidence