PkgRadar

PyPI · pypi.org

methodproof

Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.

Why PkgRadar flagged 0.8.8

Severity | Signal | Evidence
high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · methodproof-0.8.8/methodproof/cli.py
high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · methodproof-0.8.8/methodproof/tui/start.py
medium | Remote Payload | matched "curl " · methodproof-0.8.8/methodproof/hooks/claude_code.sh
medium | Remote Payload | matched "curl " · methodproof-0.8.8/methodproof/hooks/cline_hook.sh
medium | Remote Payload | matched "curl " · methodproof-0.8.8/methodproof/hooks/codex_hook.sh
medium | Remote Payload | matched "curl " · methodproof-0.8.8/methodproof/hooks/gemini_hook.sh
medium | Remote Payload | matched "curl " · methodproof-0.8.8/methodproof/hooks/kiro_hook.sh

Scanned versions

Version | Verdict | Score | Scanned (UTC)
0.8.8 | High risk | 100 | 2026-05-31

Block this in CI

PkgRadar gates methodproof (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi methodproof==0.8.8