PkgRadar

PyPI · pypi.org

letta-nightly

Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.

Why PkgRadar flagged 0.16.8.dev20260613112240

SeveritySignalEvidence
highPy Runtime Base64 Decodebase64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · letta_nightly-0.16.8.dev20260613112240/letta/services/tool_executor/tool_execution_sandbox.py
mediumRemote Payloadmatched "github.com/open-telemetry/opentelemetry-collector-releases/releases/download" · letta_nightly-0.16.8.dev20260613112240/otel/start-otel-collector.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
0.16.8.dev20260613112240High risk312026-06-13
0.16.8.dev20260612115025High risk312026-06-12
0.16.8.dev20260611115932High risk312026-06-11
0.16.8.dev20260610114728High risk312026-06-10
0.16.8.dev20260609113957High risk312026-06-09
0.16.8.dev20260608121206High risk312026-06-08
0.16.8.dev20260607111628High risk312026-06-07
0.16.8.dev20260606110624High risk312026-06-06
0.16.8.dev20260605114054High risk312026-06-05
0.16.8.dev20260604113611High risk312026-06-04
0.16.8.dev20260603121421High risk312026-06-03
0.16.8.dev20260602115710High risk312026-06-02
0.16.8.dev20260601122724High risk312026-06-01
0.16.8.dev20260531111227High risk312026-05-31
0.16.8.dev20260530110441High risk312026-05-30
0.16.8.dev20260529114250High risk312026-05-30
0.16.8.dev20260528114914High risk312026-05-30
0.16.8.dev20260527114924High risk312026-05-30

Block this in CI

PkgRadar gates letta-nightly (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi letta-nightly==0.16.8.dev20260613112240
Start free — 25 scans / moView full evidence