PkgRadar

PyPI · pypi.org

megadetector

Remote Payload: matched "github.com/lukemelas/EfficientNet-PyTorch/releases/download"

Why PkgRadar flagged 10.0.21

| Severity | Signal | Evidence |
| --- | --- | --- |
| medium | Remote Payload | matched "github.com/lukemelas/EfficientNet-PyTorch/releases/download" · megadetector-10.0.21/megadetector/classification/efficientnet/utils.py |
| medium | Remote Payload | matched "raw.githubusercontent.com" · megadetector-10.0.21/megadetector/data_management/camtrap_dp_to_coco.py |
| medium | Remote Payload | matched "github.com/agentmorris/MegaDetector/releases/download" · megadetector-10.0.21/megadetector/detection/run_detector.py |
| medium | Remote Payload | matched "raw.githubusercontent.com" · megadetector-10.0.21/megadetector/utils/url_utils.py |

Scanned versions

| Version | Verdict | Score | Scanned (UTC) |
| --- | --- | --- | --- |
| 10.0.22 | Low risk | 0 | 2026-06-09 |
| 10.0.21 | Review | 24 | 2026-05-27 |

Block this in CI

PkgRadar gates megadetector (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi megadetector==10.0.21