PyPI · pypi.org
daylily-ephemeral-cluster
Remote Payload: matched "wget "
Why PkgRadar flagged 5.1.30
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "wget " · daylily_ec/resources/payload/bin/check_prereq_sw.sh |
| medium | Remote Payload | matched "curl\n" · daylily_ec/resources/payload/bin/test_region_accel_endpoint.sh |
| medium | Remote Payload | matched "curl " · daylily_ec/resources/payload/bin/aws/check_instance_type.sh |
| medium | Remote Payload | matched "curl " · daylily_ec/resources/payload/config/day_cluster/post_install_tags.sh |
| medium | Remote Payload | matched "curl " · daylily_ec/resources/payload/config/day_cluster/post_install_ubuntu_combined.sh |
| medium | Remote Payload | matched "wget " · daylily_ec/resources/payload/quarantine/config/day/day_env_installer.sh |
| medium | Credential file access | matched ".aws/" · daylily_ec/resources/payload/bin/daylily-analysis-samples-to-manifest-new.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
5.1.30 | High risk | 87 | 2026-06-03 |
5.1.29 | High risk | 87 | 2026-06-03 |
5.1.21 | High risk | 87 | 2026-06-02 |
5.1.17 | High risk | 87 | 2026-06-01 |
Block this in CI
pkgradar gate --ecosystem pypi daylily-ephemeral-cluster==5.1.30