PkgRadar

PyPI · pypi.org

ldaca-wordflow

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged 0.5.5

SeveritySignalEvidence
mediumRemote Payloadmatched "raw.githubusercontent.com" · ldaca_wordflow-0.5.5/src/ldaca_wordflow/settings.py
mediumRemote Payloadmatched "raw.githubusercontent.com" · ldaca_wordflow-0.5.5/src/ldaca_wordflow/_vendor/GenderGapTracker/nlp/english/topic_model/spacyLemmas/convert_spacy_lemmas.py
mediumRemote Payloadmatched "raw.githubusercontent.com" · ldaca_wordflow-0.5.5/src/ldaca_wordflow/_vendor/GenderGapTracker/nlp/english/topic_model/stopwords/create_stopword_list.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.5.6Low risk02026-06-01
0.5.5Review362026-05-27

Block this in CI

PkgRadar gates ldaca-wordflow (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi ldaca-wordflow==0.5.5
Start free — 25 scans / moView full evidence