PkgRadar

PyPI · pypi.org

pwncat-vl

Credential file access: matched "id_rsa"

Why PkgRadar flagged 0.6.5

SeveritySignalEvidence
mediumCredential file accessmatched "id_rsa" · pwncat_vl-0.6.5/pwncat/modules/linux/enumerate/escalate/leak_privkey.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.6.5Review72026-06-06
0.6.4Review102026-06-06
0.6.3Review102026-06-06

Block this in CI

PkgRadar gates pwncat-vl (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi pwncat-vl==0.6.5
Start free — 25 scans / moView full evidence