PkgRadar

PyPI · pypi.org

py-asyncutils

Py Runtime Dynamic Dangerous Import: Dynamic __import__('os') — reflection bypass for static checks.

Why PkgRadar flagged 0.9.13

SeveritySignalEvidence
highPy Runtime Dynamic Dangerous ImportDynamic __import__('os') — reflection bypass for static checks. · py_asyncutils-0.9.13/asyncutils/config.py
highPy Runtime Dynamic Dangerous ImportDynamic __import__('sys') — reflection bypass for static checks. · py_asyncutils-0.9.13/asyncutils/constants.py
highPy Runtime Dynamic Dangerous ImportDynamic __import__('os') — reflection bypass for static checks. · py_asyncutils-0.9.13/asyncutils/networking.py
mediumPy Import Time Eval ExecPython eval()/exec() called on a string. · py_asyncutils-0.9.13/asyncutils/_internal/__init__.py
mediumPy Custom Build BackendNon-standard PEP 517 build-backend `uv_build` — runs custom code at install time. · pyproject.toml

Scanned versions

VersionVerdictScoreScanned (UTC)
0.9.13High risk1192026-06-12
0.9.12High risk1192026-06-10
0.9.11High risk1192026-06-04
0.9.10High risk1192026-05-30

Block this in CI

PkgRadar gates py-asyncutils (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi py-asyncutils==0.9.13
Start free — 25 scans / moView full evidence