PkgRadar

PyPI · pypi.org

redline-ai

Remote Payload: matched "curl "

Why PkgRadar flagged 0.2.1

SeveritySignalEvidence
mediumRemote Payloadmatched "curl " · redline_ai-0.2.1/redline/judge_template_files/anthropic_judge.sh
mediumRemote Payloadmatched "curl " · redline_ai-0.2.1/redline/judge_template_files/litellm_judge.sh
mediumRemote Payloadmatched "curl " · redline_ai-0.2.1/redline/judge_template_files/openai_judge.sh
mediumRemote Payloadmatched "curl " · redline_ai-0.2.1/redline/runner_templates/anthropic_runner.sh
mediumRemote Payloadmatched "curl " · redline_ai-0.2.1/redline/runner_templates/litellm_runner.sh
mediumRemote Payloadmatched "curl " · redline_ai-0.2.1/redline/runner_templates/openai_runner.sh

Scanned versions

VersionVerdictScoreScanned (UTC)
0.2.1High risk552026-05-30
0.2.0High risk702026-05-30

Block this in CI

PkgRadar gates redline-ai (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi redline-ai==0.2.1
Start free — 25 scans / moView full evidence
redline-ai — PyPI security scan | PkgRadar