PkgRadar

PyPI · pypi.org

opengris-scaler

Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.

Why PkgRadar flagged 2.5.0

| Severity | Signal | Evidence |
|---|---|---|
| high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · opengris_scaler-2.5.0/src/scaler/worker_manager_adapter/aws_hpc/utility/provisioner.py |

Scanned versions

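| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 2.5.0 | High risk | 31 | 2026-06-11 |
| 2.4.6 | High risk | 38 | 2026-06-10 |
| 2.4.5 | High risk | 31 | 2026-06-09 |
| 2.4.3 | High risk | 38 | 2026-06-09 |
| 2.4.2 | High risk | 31 | 2026-06-08 |
| 2.4.0 | High risk | 31 | 2026-06-06 |
| 2.3.5 | High risk | 31 | 2026-05-30 |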

Block this in CI

PkgRadar gates opengris-scaler (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi opengris-scaler==2.5.0