PkgRadar

PyPI · pypi.org

gitbolt

Remote Payload: matched "curl "

Why PkgRadar flagged 0.0.0.dev18

SeveritySignalEvidence
mediumRemote Payloadmatched "curl " · gitbolt-0.0.0.dev18/src/gitbolt/models.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.0.0.dev21Low risk02026-06-04
0.0.0.dev20Low risk02026-06-03
0.0.0.dev19Low risk02026-06-01
0.0.0.dev18Review82026-05-27

Block this in CI

PkgRadar gates gitbolt (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi gitbolt==0.0.0.dev18
Start free — 25 scans / moView full evidence
gitbolt — PyPI security scan | PkgRadar