PkgRadar

PyPI · pypi.org

flask-commands

Credential File Packaged: flask_commands-0.3.8/flask_commands/project/.env

Why PkgRadar flagged 0.3.8

Severity | Signal | Evidence
high | Credential File Packaged | flask_commands-0.3.8/flask_commands/project/.env
high | Credential File Packaged | flask_commands-0.3.8/flask_commands/project_no_db/.env

Scanned versions

Version | Verdict | Score | Scanned (UTC)
0.3.8 | High risk | 70 | 2026-06-15
0.3.7 | High risk | 70 | 2026-06-15
0.3.6 | High risk | 70 | 2026-06-08
0.3.5 | High risk | 70 | 2026-06-07
0.3.4 | High risk | 70 | 2026-06-06
0.3.3 | High risk | 70 | 2026-05-30

Block this in CI

PkgRadar gates flask-commands (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi flask-commands==0.3.8