PyPI · pypi.org

vibe-seller

Remote Payload: matched "curl "

Why PkgRadar flagged 0.0.6

Severity	Signal	Evidence
medium	Remote Payload	matched "curl " · vibe_seller-0.0.6/docker/docker-entrypoint.sh
medium	Remote Payload	matched "curl " · vibe_seller-0.0.6/start.sh

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.0.6`	Review	24	2026-05-29

Block this in CI

PkgRadar gates vibe-seller (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi vibe-seller==0.0.6