PyPI · pypi.org
primust-verify
Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.
Why PkgRadar flagged 1.8.1
| Severity | Signal | Evidence |
|---|---|---|
| high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · primust_verify-1.8.1/src/primust_verify/verifier.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.8.1 | High risk | 30 | 2026-06-11 |
1.8.0 | High risk | 30 | 2026-06-04 |
1.7.0 | High risk | 30 | 2026-06-04 |
1.6.0 | High risk | 30 | 2026-06-04 |
1.5.0 | High risk | 30 | 2026-06-04 |
1.4.2 | High risk | 30 | 2026-06-03 |
1.4.1 | High risk | 30 | 2026-06-01 |
1.4.0 | High risk | 30 | 2026-06-01 |
1.3.2 | High risk | 30 | 2026-05-31 |
1.3.1 | High risk | 30 | 2026-05-30 |
1.3.0 | High risk | 30 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem pypi primust-verify==1.8.1