PyPI · pypi.org

scaler-dev

Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.

Why PkgRadar flagged 2.3.6

Severity	Signal	Evidence
high	Py Runtime Base64 Decode	base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · scaler/worker_manager_adapter/aws_hpc/utility/provisioner.py
medium	Large Native Blob	8763689 bytes · scaler_dev.libs/libcapnpc-1-77f4332d.0.1.so

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2.3.6`	High risk	27	2026-06-04

Block this in CI

PkgRadar gates scaler-dev (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi scaler-dev==2.3.6