PkgRadar

PyPI · pypi.org

hol-guard

Clipboard Crypto Steal: clipboard access library paired with cryptocurrency seed/key patterns

Why PkgRadar flagged 2.0.646

SeveritySignalEvidence
highClipboard Crypto Stealclipboard access library paired with cryptocurrency seed/key patterns · hol_guard-2.0.646/src/codex_plugin_scanner/guard/runtime/false_positive_rules.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/checks/operational_security.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/local_supply_chain.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/shim_probe.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/shims.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/adapters/opencode_pretool.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/cli/commands_support_interaction.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/cli/commands_support_runtime_policy.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/runtime/mcp_protection.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/runtime/mcp_skill_firewall.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/runtime/package_intent_parser.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · hol_guard-2.0.646/src/codex_plugin_scanner/guard/runtime/package_manifest_diff.py

Scanned versions

VersionVerdictScoreScanned (UTC)
2.0.646High risk3102026-06-13
2.0.645High risk3102026-06-13
2.0.644High risk3102026-06-13
2.0.643High risk3102026-06-13
2.0.642High risk3102026-06-13
2.0.641High risk3102026-06-13
2.0.640High risk3102026-06-13
2.0.639High risk3102026-06-13
2.0.638High risk3102026-06-12
2.0.637High risk3102026-06-12
2.0.636High risk3102026-06-12
2.0.635High risk3102026-06-12
2.0.634High risk3102026-06-12
2.0.633High risk3102026-06-12
2.0.632High risk3102026-06-12
2.0.631High risk3102026-06-12
2.0.630High risk3102026-06-12
2.0.629High risk3102026-06-12
2.0.628High risk3102026-06-12
2.0.627High risk3102026-06-12
2.0.626High risk3102026-06-12
2.0.625High risk3102026-06-12
2.0.624High risk3102026-06-12
2.0.623High risk3102026-06-12
2.0.622High risk3102026-06-12
2.0.621High risk3102026-06-12
2.0.620High risk3102026-06-12
2.0.619High risk3102026-06-12
2.0.618High risk3102026-06-12
2.0.617High risk3102026-06-12
2.0.616High risk3102026-06-12
2.0.615High risk3102026-06-12
2.0.614High risk3102026-06-12
2.0.613High risk3102026-06-12
2.0.612High risk3102026-06-12
2.0.611High risk3102026-06-12
2.0.610High risk3102026-06-12
2.0.609High risk3102026-06-12
2.0.608High risk3102026-06-12
2.0.607High risk3102026-06-12
2.0.606High risk3102026-06-12
2.0.605High risk3102026-06-12
2.0.604High risk3102026-06-12
2.0.603High risk3102026-06-12
2.0.602High risk3102026-06-11
2.0.601High risk3102026-06-11
2.0.600High risk3102026-06-11
2.0.599High risk3102026-06-11
2.0.598High risk3102026-06-11
2.0.597High risk3102026-06-11
2.0.596High risk3102026-06-11
2.0.595High risk3102026-06-11
2.0.594High risk3102026-06-11
2.0.593High risk3102026-06-11
2.0.592High risk3102026-06-11
2.0.591High risk3102026-06-11
2.0.590High risk3102026-06-11
2.0.589High risk3102026-06-11
2.0.588High risk3102026-06-11
2.0.587High risk3102026-06-11
2.0.586High risk3102026-06-11
2.0.585High risk3102026-06-11
2.0.584High risk3102026-06-11
1High risk3102026-06-11
1.2.25High risk3102026-06-11
2.0.583High risk3102026-06-11
2.0.582High risk3102026-06-11
2.0.581High risk3102026-06-11
2.0.580High risk3102026-06-11
2.0.579High risk3102026-06-11
2.0.578High risk3102026-06-11
2.0.577High risk3102026-06-11
2.0.576High risk3102026-06-10
2.0.575High risk3102026-06-10
2.0.574High risk3102026-06-10
2.0.573High risk3102026-06-10
2.0.572High risk3102026-06-10
2.0.571High risk3102026-06-10
2.0.570High risk3102026-06-10
2.0.569High risk3102026-06-10
2.0.568High risk3102026-06-10
2.0.567High risk3102026-06-10
2.0.566High risk3102026-06-10
2.0.565High risk3102026-06-10
2.0.564High risk3102026-06-10
2.0.563High risk3102026-06-10
2.0.562High risk3102026-06-10
2.0.561High risk3102026-06-10
2.0.560High risk3102026-06-10
2.0.559High risk3102026-06-10
2.0.558High risk3102026-06-10
2.0.557High risk3102026-06-10
2.0.556High risk3102026-06-10
2.0.555High risk3102026-06-10
2.0.554High risk3102026-06-10
2.0.553High risk3102026-06-09
2.0.552High risk3102026-06-09
2.0.551High risk3102026-06-09
2.0.550High risk3102026-06-09
2.0.549High risk3102026-06-09
2.0.548High risk3102026-06-09
2.0.547High risk3102026-06-09
2.0.546High risk3102026-06-09
2.0.545High risk3102026-06-09
2.0.544High risk3102026-06-09
2.0.543High risk3102026-06-09
2.0.542High risk3102026-06-09
2.0.541High risk3102026-06-09
2.0.540High risk3102026-06-09
2.0.539High risk2152026-06-09
2.0.538High risk2152026-06-09
2.0.537High risk2152026-06-08
2.0.536High risk2152026-06-08
2.0.535High risk2152026-06-08
2.0.534High risk2152026-06-08
2.0.533High risk2152026-06-08
2.0.532High risk2152026-06-08
2.0.531High risk2152026-06-08
2.0.530High risk2152026-06-08
2.0.529High risk2152026-06-08
2.0.528High risk2152026-06-08
2.0.527High risk2152026-06-08
2.0.526High risk2152026-06-07
2.0.525High risk2152026-06-07
2.0.524High risk2152026-06-07
2.0.523High risk2152026-06-07
2.0.522High risk2152026-06-07
2.0.521High risk2152026-06-07
2.0.520High risk2152026-06-07
2.0.519High risk2152026-06-07
2.0.518High risk2152026-06-07
2.0.517High risk2152026-06-07
2.0.516High risk2152026-06-07
2.0.515High risk2152026-06-07
2.0.514High risk2152026-06-07
2.0.513High risk2152026-06-07
2.0.512High risk2152026-06-07
2.0.511High risk2152026-06-07
2.0.510High risk2152026-06-07
2.0.509High risk2152026-06-07
2.0.508High risk2152026-06-07
2.0.507High risk2152026-06-07
2.0.506High risk2152026-06-07
2.0.505High risk2152026-06-07
2.0.504High risk2152026-06-07
2.0.503High risk2152026-06-07
2.0.502High risk2152026-06-07
2.0.501High risk2152026-06-07
2.0.500High risk2152026-06-06
2.0.499High risk2152026-06-06
2.0.498High risk2152026-06-06
2.0.497High risk2152026-06-06
2.0.496High risk2152026-06-06
2.0.495High risk2152026-06-06
2.0.494High risk2152026-06-06
2.0.493High risk2152026-06-06
2.0.492High risk2152026-06-06
2.0.491High risk2152026-06-06
2.0.490High risk2152026-06-06
2.0.489High risk2152026-06-06
2.0.488High risk2152026-06-06
2.0.487High risk2152026-06-06
2.0.486High risk2152026-06-06
2.0.485High risk2152026-06-06
2.0.484High risk2152026-06-06
2.0.483High risk2152026-06-06
2.0.482High risk2152026-06-06
2.0.481High risk2152026-06-06
2.0.480High risk2152026-06-06
2.0.479High risk2152026-06-06
2.0.478High risk2152026-06-06
2.0.477High risk1952026-06-06
2.0.476High risk1952026-06-05
2.0.475High risk1952026-06-05
2.0.474High risk1952026-06-05
2.0.473High risk1952026-06-05
2.0.472High risk1952026-06-05
2.0.471High risk1952026-06-05
2.0.470High risk1952026-06-05
2.0.469High risk1952026-06-05
2.0.468High risk1952026-06-05
2.0.467High risk1952026-06-05
2.0.466High risk1952026-06-05
2.0.465High risk1952026-06-05
2.0.464High risk1952026-06-05
2.0.463High risk1952026-06-05
2.0.462High risk1952026-06-05
2.0.461High risk1952026-06-05
2.0.460High risk1952026-06-05
2.0.459High risk1952026-06-05
2.0.458High risk1952026-06-05
2.0.457High risk1952026-06-05
2.0.456High risk1952026-06-05
2.0.455High risk1952026-06-05
2.0.454High risk1952026-06-05
2.0.453High risk1952026-06-05
2.0.452High risk1952026-06-05
2.0.451High risk1952026-06-05
2.0.450High risk1952026-06-05
2.0.449High risk1952026-06-05

Block this in CI

PkgRadar gates hol-guard (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi hol-guard==2.0.646
Start free — 25 scans / moView full evidence