PkgRadar

PyPI · pypi.org

silent-pack

Remote Payload: matched "curl "

Why PkgRadar flagged 0.1.1

SeveritySignalEvidence
mediumRemote Payloadmatched "curl " · silent_pack-0.1.1/pack/ground_works/AR/start-standalone.sh
mediumLarge Native Blob22713584 bytes · silent_pack-0.1.1/pack/3fs_fuse/hf3fs_fuse/libhf3fs_api_shared.so

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.1Review222026-06-03
0.1.0Review122026-06-03

Block this in CI

PkgRadar gates silent-pack (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi silent-pack==0.1.1
Start free — 25 scans / moView full evidence