PkgRadar

PyPI · pypi.org

docs-anonymizer

Py Runtime Dynamic Dangerous Import: Dynamic __import__('os') — reflection bypass for static checks.

Why PkgRadar flagged 0.4.0

| Severity | Signal | Evidence |
|---|---|---|
| high | Py Runtime Dynamic Dangerous Import | Dynamic __import__('os') — reflection bypass for static checks. · docs_anonymizer-0.4.0/src/anonymizer/core/audit/feedback_log.py |
| medium | Remote Payload | matched "curl " · docs_anonymizer-0.4.0/installer/install.sh |

Scanned versions

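| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 0.4.0 | High risk | 42 | 2026-06-10 |
| 0.3.0 | High risk | 42 | 2026-06-09 |
| 0.2.32 | High risk | 42 | 2026-06-08 |
| 0.2.31 | High risk | 42 | 2026-06-02 |
| 0.2.30 | High risk | 42 | 2026-05-30 |
| 0.2.29 | High risk | 42 | 2026-05-30 |
| 0.2.28 | High risk | 42 | 2026-05-30 |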

Block this in CI

PkgRadar gates docs-anonymizer (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi docs-anonymizer==0.4.0