PkgRadar

PyPI · pypi.org

panpipelines

Remote Payload: matched "wget "

Why PkgRadar flagged 1.1.10

SeveritySignalEvidence
mediumRemote Payloadmatched "wget " · panpipelines-1.1.10/deployment/atlas/AAL3/MNI152NLin6Asym/Development/convert.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
1.1.10Review62026-06-02

Block this in CI

PkgRadar gates panpipelines (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi panpipelines==1.1.10
Start free — 25 scans / moView full evidence