PyPI · pypi.org
repo2rlenv
Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.
Why PkgRadar flagged 0.8.3
| Severity | Signal | Evidence |
|---|---|---|
| high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · repo2rlenv-0.8.3/src/repo2rlenv/registry/probe.py |
| medium | Py Custom Build Backend | Non-standard PEP 517 build-backend `uv_build` — runs custom code at install time. · pyproject.toml |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.8.3 | High risk | 45 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem pypi repo2rlenv==0.8.3