PkgRadar

PyPI · pypi.org

smart-bbox

Py Install Time Compile Exec: Python exec(compile(...)) — typical obfuscated loader pattern.

Why PkgRadar flagged 0.1.19

| Severity | Signal | Evidence |
|---|---|---|
| high | Py Install Time Compile Exec | Python exec(compile(...)) — typical obfuscated loader pattern. · smart_bbox-0.1.19/setup.py |
| medium | Py Install Time Subprocess | subprocess call — process spawning. · smart_bbox-0.1.19/smart/vendor/manifold/bindings/python/third_party/pybind11/setup.py |
| medium | Py Install Time Eval Exec | Python eval()/exec() called on a string. · smart_bbox-0.1.19/smart/vendor/manifold/bindings/python/third_party/pybind11/setup.py |

Scanned versions

| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 0.1.19 | High risk | 145 | 2026-06-04 |

Block this in CI

PkgRadar gates smart-bbox (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi smart-bbox==0.1.19