PkgRadar

PyPI · pypi.org

securevector-ai-monitor

Webhook Exfil Endpoint: matched "webhook.site"

Why PkgRadar flagged 4.6.0

| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "webhook.site" · securevector_ai_monitor-4.6.0/src/securevector/app/services/policy_defaults.py |
| high | DNS / OAST exfiltration | matched "burpcollaborator.net" · securevector_ai_monitor-4.6.0/src/securevector/app/services/policy_defaults.py |

Scanned versions

| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 4.6.0 | High risk | 94 | 2026-06-12 |
| 4.5.0 | High risk | 94 | 2026-06-08 |
| 4.4.0 | High risk | 88 | 2026-06-04 |
| 4.3.0 | High risk | 88 | 2026-05-30 |

Block this in CI

PkgRadar gates securevector-ai-monitor (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi securevector-ai-monitor==4.6.0