PyPI · pypi.org

opencomputer

Py Import Time Subprocess: subprocess call — process spawning.

Why PkgRadar flagged 2026.6.5

Severity	Signal	Evidence
medium	Py Import Time Subprocess	subprocess call — process spawning. · opencomputer/service/__init__.py
high	Py Runtime Base64 Decode	base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · opencomputer/commands/ui/clipboard.py
high	Credential file access	matched ".ssh/" · opencomputer/security/python_safety.py
high	Py Runtime Base64 Decode	base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · opencomputer/skills/_archive/google-workspace/scripts/google_api.py

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2026.6.5`	High risk	162	2026-06-03
`2026.6.4`	High risk	162	2026-06-01
`2026.6.3`	High risk	162	2026-06-01
`2026.6.2`	High risk	162	2026-06-01
`2026.6.1`	High risk	162	2026-06-01
`2026.5.50`	High risk	162	2026-05-30
`2026.5.49`	High risk	162	2026-05-30
`2026.5.48`	High risk	162	2026-05-30
`2026.5.27`	High risk	162	2026-05-30
`2026.5.47`	High risk	162	2026-05-30
`2026.5.46`	High risk	162	2026-05-30
`2026.5.45`	High risk	162	2026-05-30
`2026.5.44`	High risk	162	2026-05-30
`2026.5.43`	High risk	162	2026-05-30
`2026.5.42`	High risk	162	2026-05-30
`2026.5.41`	High risk	162	2026-05-30
`2026.5.40`	High risk	162	2026-05-30
`2026.5.39`	High risk	162	2026-05-30
`2026.5.38`	High risk	162	2026-05-30
`2026.5.37`	High risk	162	2026-05-30
`2026.5.36`	High risk	162	2026-05-30
`2026.5.35`	High risk	162	2026-05-30
`2026.5.34`	High risk	162	2026-05-30
`2026.5.33`	High risk	162	2026-05-30
`2026.5.32`	High risk	162	2026-05-30
`2026.5.31`	High risk	162	2026-05-30
`2026.5.30`	High risk	162	2026-05-30
`2026.5.29`	High risk	162	2026-05-30
`2026.5.28`	High risk	162	2026-05-30

Block this in CI

PkgRadar gates opencomputer (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi opencomputer==2026.6.5