PkgRadar

PyPI · pypi.org

noetl

Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.

Why PkgRadar flagged 4.12.1

| Severity | Signal | Evidence |
| --- | --- | --- |
| high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · noetl-4.12.1/noetl/tools/python/executor.py |
| high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · noetl-4.12.1/noetl/worker/nats_worker.py |
| medium | Credential file access | matched "GOOGLE_APPLICATION_CREDENTIALS" · noetl-4.12.1/noetl/tools/python/executor.py |

Scanned versions

| Version | Verdict | Score | Scanned (UTC) |
| --- | --- | --- | --- |
| 4.12.1 | High risk | 37 | 2026-06-04 |
| 4.12.0 | High risk | 37 | 2026-06-02 |
| 4.11.0 | High risk | 37 | 2026-06-02 |
| 4.10.1 | High risk | 37 | 2026-06-02 |
| 4.10.0 | High risk | 37 | 2026-06-02 |
| 4.9.0 | High risk | 37 | 2026-06-02 |
| 4.8.0 | High risk | 37 | 2026-06-02 |
| 4.7.0 | High risk | 37 | 2026-06-02 |
| 4.6.0 | High risk | 37 | 2026-06-02 |
| 4.5.3 | High risk | 37 | 2026-06-02 |
| 4.5.2 | High risk | 37 | 2026-06-02 |
| 4.5.1 | High risk | 37 | 2026-06-01 |
| 4.5.0 | High risk | 37 | 2026-06-01 |
| 4.4.0 | High risk | 37 | 2026-06-01 |
| 4.3.0 | High risk | 37 | 2026-06-01 |
| 4.2.0 | High risk | 37 | 2026-06-01 |
| 4.1.0 | High risk | 37 | 2026-06-01 |
| 4.0.1 | High risk | 37 | 2026-06-01 |
| 4.0.0 | High risk | 37 | 2026-05-31 |
| 3.0.0 | High risk | 37 | 2026-05-31 |
| 2.102.3 | High risk | 37 | 2026-05-30 |
| 2.103.4 | High risk | 37 | 2026-05-30 |
| 2.103.3 | High risk | 37 | 2026-05-30 |
| 2.103.2 | High risk | 37 | 2026-05-30 |
| 2.103.1 | High risk | 37 | 2026-05-30 |
| 2.103.0 | High risk | 37 | 2026-05-30 |
| 2.102.13 | High risk | 37 | 2026-05-30 |
| 2.102.12 | High risk | 37 | 2026-05-30 |
| 2.102.11 | High risk | 37 | 2026-05-30 |
| 2.102.10 | High risk | 37 | 2026-05-30 |
| 2.102.9 | High risk | 37 | 2026-05-30 |
| 2.102.8 | High risk | 37 | 2026-05-30 |
| 2.102.7 | High risk | 37 | 2026-05-30 |
| 2.102.6 | High risk | 37 | 2026-05-30 |
| 2.102.5 | High risk | 37 | 2026-05-30 |
| 2.102.4 | High risk | 37 | 2026-05-30 |

Block this in CI

PkgRadar gates noetl (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi noetl==4.12.1