PkgRadar

PyPI · pypi.org

control-arena

Remote Payload: matched "curl\n\n"

Why PkgRadar flagged 17.0.0

SeveritySignalEvidence
mediumRemote Payloadmatched "curl\n\n" · control_arena-17.0.0/control_arena/settings/bash_arena/base_environment/router_command_template.sh
mediumRemote Payloadmatched "curl " · control_arena-17.0.0/installation_scripts/external_dependencies.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
17.0.0Review262026-06-09

Block this in CI

PkgRadar gates control-arena (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi control-arena==17.0.0
Start free — 25 scans / moView full evidence