PyPI · pypi.org
rp
Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.
Why PkgRadar flagged 0.1.1421
| Severity | Signal | Evidence |
|---|---|---|
| high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · rp-0.1.1421/rp/libs/spotify_downloader.py |
| medium | Remote Payload | matched "curl " · rp-0.1.1421/rp/libs/kitten_tts_server.py |
| medium | Remote Payload | matched "CURL " · rp-0.1.1421/rp/libs/supertonic_tts_server.py |
| medium | Remote Payload | matched "raw.githubusercontent.com" · rp-0.1.1421/rp/rp_ptpython/completer_old.py |
| medium | Remote Payload | matched "curl " · rp-0.1.1421/rp/rp_ptpython/completion_schema.py |
| medium | Remote Payload | matched "curl " · rp-0.1.1421/rp/prompt_toolkit/terminal/vt100_output.py |
| medium | Remote Payload | matched "raw.githubusercontent.com" · rp-0.1.1421/rp/prompt_toolkit/key_binding/digraphs.py |
| medium | Remote Payload | matched "curl " · rp-0.1.1421/rp/prompt_toolkit/styles/utils.py |
| medium | Remote Payload | matched "curl " · rp-0.1.1421/rp/prompt_toolkit/styles/defaults.py |
| medium | Remote Payload | matched "curl " · rp-0.1.1421/rp/prompt_toolkit/styles/base.py |
| medium | Credential file access | matched ".ssh" · rp-0.1.1421/rp/rp_ptpython/completion_schema.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.1.1421 | Review | 37 | 2026-05-28 |
0.1.1420 | Review | 37 | 2026-05-28 |
0.1.1419 | Review | 37 | 2026-05-28 |
0.1.1417 | Review | 37 | 2026-05-27 |
0.1.1416 | Review | 37 | 2026-05-27 |
Block this in CI
pkgradar gate --ecosystem pypi rp==0.1.1421