PkgRadar

PyPI · pypi.org

pentesterra-devguard

Webhook Exfil Endpoint: matched "webhook.site"

Why PkgRadar flagged 1.4.20

SeveritySignalEvidence
highWebhook Exfil Endpointmatched "webhook.site" · pentesterra_devguard-1.4.20/pentesterra_devguard/credential_flow_collector.py
highPython Bun Js ExecPython file references the Bun JavaScript runtime — cross-language execution · pentesterra_devguard-1.4.20/pentesterra_devguard/dep_malicious.py
highDNS / OAST exfiltrationmatched "canarytokens.com" · pentesterra_devguard-1.4.20/pentesterra_devguard/credential_flow_collector.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.4.20High risk1202026-06-10
1.4.19High risk802026-06-04
1.4.17High risk802026-06-01

Campaign attribution

Part of the Shai-Hulud (PyPI) campaign.

Block this in CI

PkgRadar gates pentesterra-devguard (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi pentesterra-devguard==1.4.20
Start free — 25 scans / moView full evidence