PyPI · pypi.org
liblinks-and-nodes
Py Import Time Subprocess: subprocess call with shell=True — passes argv to /bin/sh.
Why PkgRadar flagged 2.8.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Import Time Subprocess | subprocess call with shell=True — passes argv to /bin/sh. · pyutils/__init__.py |
| high | Clipboard Crypto Steal | clipboard access library paired with cryptocurrency seed/key patterns · links_and_nodes_manager/ProcessesGui.py |
| medium | Py Import Time Ctypes Load | ctypes.CDLL/cdll.LoadLibrary — loads native code into the process. · liblinks_and_nodes/__init__.py |
| medium | Large Native Blob | 7503016 bytes · links_and_nodes/linux-x86_64-3.10/_ln.so |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.8.1 | High risk | 132 | 2026-06-10 |
Block this in CI
pkgradar gate --ecosystem pypi liblinks-and-nodes==2.8.1