PkgRadar

PyPI · pypi.org

hoa-tools

Remote Payload: matched "Wget "

Why PkgRadar flagged 2.0.0

Severity  Signal          Evidence
medium    Remote Payload  matched "Wget " · hoa_tools-2.0.0/schemas/github-issue-forms.json

Scanned versions

Version  Verdict  Score  Scanned (UTC)
2.0.0    Review   6      2026-05-26

Block this in CI

PkgRadar gates hoa-tools (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi hoa-tools==2.0.0