PkgRadar

PyPI · pypi.org

jolt

Py Install Time Eval Exec: Python eval()/exec() called on a string.

Why PkgRadar flagged 0.10.24

SeveritySignalEvidence
mediumPy Install Time Eval ExecPython eval()/exec() called on a string. · jolt-0.10.24/setup.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.10.28Low risk02026-06-15
0.10.27Low risk02026-06-09
0.10.24Review132026-05-28
0.10.23Review132026-05-28
0.10.19Review872026-05-26

Block this in CI

PkgRadar gates jolt (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi jolt==0.10.24
Start free — 25 scans / moView full evidence
jolt — PyPI security scan | PkgRadar