PyPI · pypi.org

polyaxon

Py Install Time Subprocess: subprocess call — process spawning.

Why PkgRadar flagged 2.16.1

Severity	Signal	Evidence
medium	Py Install Time Subprocess	subprocess call — process spawning. · polyaxon-2.16.1/polyaxon/_ssh/setup.py
medium	Credential file access	matched "id_rsa" · polyaxon-2.16.1/polyaxon/_init/git.py

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2.16.1`	Review	19	2026-05-29
`2.16.0`	Review	19	2026-05-29

Block this in CI

PkgRadar gates polyaxon (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi polyaxon==2.16.1