PyPI · pypi.org

metrics-utility

Remote Payload: matched "curl "

Why PkgRadar flagged 0.8.20260607

Severity	Signal	Evidence
medium	Remote Payload	matched "curl " · metrics_utility-0.8.20260607/tools/collections/galaxy-download.sh
medium	Remote Payload	matched "curl " · metrics_utility-0.8.20260607/tools/collections/hub-download.sh

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.8.20260607`	Review	27	2026-06-07
`0.8.20260531`	Review	27	2026-05-31

Block this in CI

PkgRadar gates metrics-utility (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi metrics-utility==0.8.20260607