PkgRadar

PyPI · pypi.org

moyu-memory

Py Runtime Dynamic Dangerous Import: Dynamic __import__('sys') — reflection bypass for static checks.

Why PkgRadar flagged 2.10.0

SeveritySignalEvidence
highPy Runtime Dynamic Dangerous ImportDynamic __import__('sys') — reflection bypass for static checks. · moyu_memory-2.10.0/moyu_toolkit/_storage.py
highPy Runtime Dynamic Dangerous ImportDynamic __import__('sys') — reflection bypass for static checks. · moyu_memory-2.10.0/moyu_toolkit/agent_memory.py
highPy Runtime Dynamic Dangerous ImportDynamic __import__('sys') — reflection bypass for static checks. · moyu_memory-2.10.0/moyu_toolkit/feedback.py
highPy Runtime Dynamic Dangerous ImportDynamic __import__('sys') — reflection bypass for static checks. · moyu_memory-2.10.0/moyu_toolkit/knowledge_base.py
highPy Runtime Dynamic Dangerous ImportDynamic __import__('sys') — reflection bypass for static checks. · moyu_memory-2.10.0/moyu_toolkit/knowledge_graph.py
highPy Runtime Dynamic Dangerous ImportDynamic __import__('sys') — reflection bypass for static checks. · moyu_memory-2.10.0/moyu_toolkit/moyu_demo_attack.py
highPy Runtime Dynamic Dangerous ImportDynamic __import__('sys') — reflection bypass for static checks. · moyu_memory-2.10.0/moyu_toolkit/tune.py

Scanned versions

VersionVerdictScoreScanned (UTC)
2.10.0High risk502026-06-06
2.9.0High risk502026-05-31
2.8.2High risk502026-05-30
2.8.1High risk502026-05-30
2.8.0High risk502026-05-30

Block this in CI

PkgRadar gates moyu-memory (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi moyu-memory==2.10.0
Start free — 25 scans / moView full evidence