PkgRadar

PyPI · pypi.org

memoryintelligence-mcp

Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.

Why PkgRadar flagged 0.1.8

SeveritySignalEvidence
highPy Runtime Base64 Decodebase64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · memoryintelligence_mcp-0.1.8/src/mi_mcp/cli.py
highPy Runtime Base64 Decodebase64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · memoryintelligence_mcp-0.1.8/src/mi_mcp/keys.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.8High risk502026-06-10
0.1.7High risk502026-06-10
0.1.6High risk502026-06-10
0.1.5Low risk02026-06-05
0.1.4Low risk02026-06-05
0.1.1Low risk02026-06-04
0.1.0Low risk02026-06-02

Block this in CI

PkgRadar gates memoryintelligence-mcp (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi memoryintelligence-mcp==0.1.8
Start free — 25 scans / moView full evidence