PyPI · pypi.org
mlflow-skinny
Py Import Time Subprocess: subprocess call — process spawning.
Why PkgRadar flagged 3.13.0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Import Time Subprocess | subprocess call — process spawning. · mlflow_skinny-3.13.0/mlflow/sagemaker/__init__.py |
| medium | Py Import Time Pickle Loads | pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled. · mlflow_skinny-3.13.0/mlflow/pmdarima/__init__.py |
| medium | Py Import Time Pickle Loads | pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled. · mlflow_skinny-3.13.0/mlflow/sklearn/__init__.py |
| high | Py Import Time Network Call | Network call (urllib/requests/httpx/http.client) at install or import time. · mlflow_skinny-3.13.0/mlflow/assistant/providers/__init__.py |
| high | Py Import Time Network Call | Network call (urllib/requests/httpx/http.client) at install or import time. · mlflow_skinny-3.13.0/mlflow/deployments/openai/__init__.py |
| medium | Credential file access | matched "aws_access_key" · mlflow_skinny-3.13.0/mlflow/metrics/genai/model_utils.py |
| medium | Credential file access | matched "AWS_SECRET_ACCESS_KEY" · mlflow_skinny-3.13.0/mlflow/projects/backend/local.py |
| medium | Credential file access | matched ".ssh/" · mlflow_skinny-3.13.0/mlflow/store/artifact/sftp_artifact_repo.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 3.13.0 | Review | 56 | 2026-06-01 |
Block this in CI
pkgradar gate --ecosystem pypi mlflow-skinny==3.13.0