PkgRadar

PyPI · pypi.org

tp-common

Remote Payload: matched "curl "

Why PkgRadar flagged 0.1.53

| Severity | Signal | Evidence |
| --- | --- | --- |
| medium | Remote Payload | matched "curl " · tp_common-0.1.53/src/tp_common/devtools/project_scaffold/__init__.py |

Scanned versions

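| Version | Verdict | Score | Scanned (UTC) |
| --- | --- | --- | --- |
| 0.1.73 | Low risk | 0 | 2026-06-13 |
| 0.1.72 | Low risk | 0 | 2026-06-13 |
| 0.1.71 | Low risk | 0 | 2026-06-10 |
| 0.1.70 | Low risk | 0 | 2026-06-09 |
| 0.1.69 | Low risk | 0 | 2026-06-09 |
| 0.1.68 | Low risk | 0 | 2026-06-08 |
| 0.1.67 | Low risk | 0 | 2026-06-04 |
| 0.1.65 | Low risk | 0 | 2026-06-04 |
| 0.1.64 | Low risk | 0 | 2026-06-03 |
| 0.1.63 | Low risk | 0 | 2026-06-03 |
| 0.1.62 | Low risk | 0 | 2026-06-03 |
| 0.1.61 | Low risk | 0 | 2026-06-03 |
| 0.1.60 | Low risk | 0 | 2026-06-02 |
| 0.1.59 | Low risk | 0 | 2026-06-02 |
| 0.1.58 | Low risk | 0 | 2026-06-02 |
| 0.1.57 | Low risk | 0 | 2026-06-01 |
| 0.1.56 | Low risk | 0 | 2026-06-01 |
| 0.1.52 | Low risk | 0 | 2026-05-30 |
| 0.1.55 | Low risk | 0 | 2026-05-30 |
| 0.1.54 | Low risk | 0 | 2026-05-28 |
| 0.1.53 | Review | 12 | 2026-05-27 |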

Block this in CI

PkgRadar gates tp-common (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi tp-common==0.1.53