PyPI · pypi.org
electricore
Remote Payload: matched "raw.githubusercontent.com"
Why PkgRadar flagged 1.7.0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "raw.githubusercontent.com" · electricore-1.7.0/deploy/install.sh |
| medium | Remote Payload | matched "curl " · electricore-1.7.0/deploy/lib/etl.sh |
| medium | Remote Payload | matched "curl " · electricore-1.7.0/deploy/lib/stack.sh |
| medium | Remote Payload | matched "curl " · electricore-1.7.0/deploy/lib/system.sh |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.7.0 | High risk | 26 | 2026-06-07 |
1.7.0rc4 | High risk | 26 | 2026-06-07 |
1.7.0rc3 | High risk | 20 | 2026-06-07 |
1.7.0rc2 | High risk | 20 | 2026-06-07 |
1.7.0rc1 | Low risk | 0 | 2026-06-05 |
1.6.1 | Low risk | 0 | 2026-06-04 |
1.5.0 | Low risk | 0 | 2026-06-04 |
1.6.0 | Low risk | 0 | 2026-06-04 |
1.4.0 | Low risk | 0 | 2026-06-01 |
1.3.5 | Low risk | 0 | 2026-06-01 |
Block this in CI
pkgradar gate --ecosystem pypi electricore==1.7.0