PyPI · pypi.org

imbi-common

Remote Payload: matched "wget "

Why PkgRadar flagged 2.6.0

Severity	Signal	Evidence
medium	Remote Payload	matched "wget " · imbi_common-2.6.0/compose.yaml

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2.11.5`	Low risk	0	2026-06-12
`2.11.4`	Low risk	0	2026-06-12
`2.11.3`	Low risk	0	2026-06-12
`2.11.2`	Low risk	0	2026-06-11
`2.11.0`	Low risk	0	2026-06-11
`2.10.0`	Low risk	0	2026-06-05
`2.9.2`	Low risk	0	2026-06-04
`2.9.1`	Low risk	0	2026-06-04
`2.9.0`	Low risk	0	2026-06-03
`2.8.0`	Low risk	0	2026-05-30
`2.7.0`	Low risk	0	2026-05-28
`2.6.0`	Review	12	2026-05-26

Block this in CI

PkgRadar gates imbi-common (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi imbi-common==2.6.0