PkgRadar

PyPI · pypi.org

seed-cli

Py Runtime Base64 Decode: base64/hex decode combined with exec/subprocess — classic obfuscated payload pattern.

Why PkgRadar flagged 1.0.12

SeveritySignalEvidence
highPy Runtime Base64 Decodebase64/hex decode combined with exec/subprocess — classic obfuscated payload pattern. · seed_cli-1.0.12/src/seed_cli/template_registry.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.0.12High risk302026-06-13
1.0.11High risk302026-06-07
1.0.10High risk302026-06-01

Block this in CI

PkgRadar gates seed-cli (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi seed-cli==1.0.12
Start free — 25 scans / moView full evidence