PkgRadar

PyPI · pypi.org

pi-metaboqc

Remote Payload: matched "Invoke-WebRequest"

Why PkgRadar flagged 1.1.3

SeveritySignalEvidence
mediumRemote Payloadmatched "Invoke-WebRequest" · pi_metaboqc-1.1.3/src/pimqc/report_utils.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.1.3Review122026-06-08
1.1.2a1Review122026-06-01

Block this in CI

PkgRadar gates pi-metaboqc (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi pi-metaboqc==1.1.3
Start free — 25 scans / moView full evidence
pi-metaboqc — PyPI security scan | PkgRadar