PkgRadar

PyPI · pypi.org

psi-datahub

Py Install Time Eval Exec: Python eval()/exec() called on a string.

Why PkgRadar flagged 1.1.13

SeveritySignalEvidence
mediumPy Install Time Eval ExecPython eval()/exec() called on a string. · psi_datahub-1.1.13/setup.py
highPy Runtime Base64 Decodebase64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · psi_datahub-1.1.13/datahub/sources/camserver.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.1.13High risk522026-06-09

Block this in CI

PkgRadar gates psi-datahub (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi psi-datahub==1.1.13
Start free — 25 scans / moView full evidence