PyPI · pypi.org
pipeline-check
Webhook Exfil Endpoint: matched "webhook.site"
Why PkgRadar flagged 1.14.1
| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "webhook.site" · pipeline_check-1.14.1/pipeline_check/core/checks/_malicious.py |
| high | Python Bun Js Exec | Python file references the Bun JavaScript runtime — cross-language execution · pipeline_check-1.14.1/pipeline_check/core/checks/_primitives/remote_script_exec.py |
| high | Python Bun Js Exec | Python file references the Bun JavaScript runtime — cross-language execution · pipeline_check-1.14.1/pipeline_check/core/checks/_primitives/top_actions.py |
| high | Webhook Exfil Endpoint | matched "webhook.site" · pipeline_check-1.14.1/pipeline_check/core/checks/aws/rules/cb011_malicious_buildspec.py |
| high | Python Bun Js Exec | Python file references the Bun JavaScript runtime — cross-language execution · pipeline_check-1.14.1/pipeline_check/core/checks/azure/rules/ado016_curl_pipe.py |
| high | Webhook Exfil Endpoint | matched "webhook.site" · pipeline_check-1.14.1/pipeline_check/core/checks/azure/rules/ado026_malicious_activity.py |
| high | Python Bun Js Exec | Python file references the Bun JavaScript runtime — cross-language execution · pipeline_check-1.14.1/pipeline_check/core/checks/bitbucket/rules/bb012_curl_pipe.py |
| high | Webhook Exfil Endpoint | matched "webhook.site" · pipeline_check-1.14.1/pipeline_check/core/checks/bitbucket/rules/bb025_malicious_activity.py |
| high | Python Bun Js Exec | Python file references the Bun JavaScript runtime — cross-language execution · pipeline_check-1.14.1/pipeline_check/core/checks/bitbucket/rules/bb030_npm_audit_signatures.py |
| high | Python Bun Js Exec | Python file references the Bun JavaScript runtime — cross-language execution · pipeline_check-1.14.1/pipeline_check/core/checks/circleci/rules/cc016_curl_pipe.py |
| high | Webhook Exfil Endpoint | matched "webhook.site" · pipeline_check-1.14.1/pipeline_check/core/checks/circleci/rules/cc026_malicious_activity.py |
| high | Webhook Exfil Endpoint | matched "webhook.site" · pipeline_check-1.14.1/pipeline_check/core/checks/cloudbuild/rules/gcb027_malicious_activity.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.14.1 | High risk | 205 | 2026-06-13 |
1.14.0 | High risk | 205 | 2026-06-13 |
1.13.0 | High risk | 205 | 2026-06-09 |
1.12.0 | High risk | 155 | 2026-06-08 |
1.11.0 | High risk | 155 | 2026-06-06 |
1.9.0 | High risk | 155 | 2026-06-03 |
1.8.0 | High risk | 155 | 2026-06-03 |
1.7.1 | High risk | 155 | 2026-06-01 |
1.7.0 | High risk | 155 | 2026-05-30 |
1.6.0 | High risk | 155 | 2026-05-30 |
1.5.0 | High risk | 150 | 2026-05-30 |
Campaign attribution
Block this in CI
pkgradar gate --ecosystem pypi pipeline-check==1.14.1