PyPI · pypi.org
scripthut
Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.
Why PkgRadar flagged 0.11.12
| Severity | Signal | Evidence |
|---|---|---|
| high | Py Runtime Base64 Decode | base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · scripthut-0.11.12/src/scripthut/main.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.11.12 | High risk | 43 | 2026-06-11 |
0.11.11 | High risk | 43 | 2026-06-11 |
0.11.10 | High risk | 43 | 2026-06-11 |
0.11.9 | High risk | 43 | 2026-06-11 |
0.11.8 | High risk | 43 | 2026-06-10 |
0.11.7 | High risk | 43 | 2026-06-10 |
0.11.6 | High risk | 43 | 2026-06-10 |
0.11.5 | High risk | 43 | 2026-06-10 |
0.11.4 | High risk | 43 | 2026-06-10 |
0.11.3 | High risk | 43 | 2026-06-09 |
0.11.2 | High risk | 43 | 2026-06-04 |
0.11.1 | High risk | 43 | 2026-06-04 |
0.11.0 | High risk | 43 | 2026-06-04 |
0.10.0 | Review | 13 | 2026-06-04 |
0.9.1 | Review | 13 | 2026-06-04 |
0.9.0 | Review | 13 | 2026-06-04 |
0.8.0 | Review | 13 | 2026-06-04 |
0.7.1 | Review | 13 | 2026-06-04 |
0.7.0 | Review | 13 | 2026-06-03 |
0.6.5 | Review | 13 | 2026-06-03 |
0.6.4 | Review | 13 | 2026-06-03 |
0.6.3 | Review | 13 | 2026-06-03 |
0.6.2 | Review | 13 | 2026-06-03 |
0.6.1 | Review | 13 | 2026-06-03 |
0.6.0 | Review | 13 | 2026-06-03 |
0.5.7 | Review | 13 | 2026-06-03 |
0.5.6 | Review | 13 | 2026-06-03 |
0.5.5 | Review | 13 | 2026-06-03 |
0.5.4 | Review | 13 | 2026-06-03 |
0.5.3 | Review | 13 | 2026-06-02 |
Block this in CI
pkgradar gate --ecosystem pypi scripthut==0.11.12