PkgRadar

PyPI · pypi.org

vibego

Py Runtime Dynamic Dangerous Import: Dynamic __import__('socket') — reflection bypass for static checks.

Why PkgRadar flagged 1.5.171

SeveritySignalEvidence
highPy Runtime Dynamic Dangerous ImportDynamic __import__('socket') — reflection bypass for static checks. · vibego-1.5.171/master.py
mediumPy Import Time Eval ExecPython eval()/exec() called on a string. · vibego-1.5.171/scripts/.venv/lib/python3.14/site-packages/pip/_vendor/packaging/licenses/__init__.py
mediumPy Import Time Eval ExecPython eval()/exec() called on a string. · vibego-1.5.171/scripts/.venv/lib/python3.14/site-packages/pip/_vendor/pkg_resources/__init__.py

Scanned versions

VersionVerdictScoreScanned (UTC)
1.5.171High risk542026-06-06
1.5.170High risk542026-06-05
1.5.169High risk542026-06-04
1.5.168High risk542026-06-04
1.5.167High risk542026-06-03
1.5.166High risk542026-06-03
1.5.165High risk542026-06-03
1.5.164High risk542026-06-03
1.5.163High risk542026-06-02
1.5.162High risk542026-06-02
1.5.161High risk542026-06-02
1.5.160High risk542026-06-02
1.5.159High risk542026-06-01
1.5.158High risk542026-06-01
1.5.157High risk542026-06-01
1.5.156High risk542026-06-01
1.5.155High risk542026-06-01
1.5.154High risk542026-06-01
1.5.153High risk542026-06-01
1.5.152High risk542026-06-01
1.5.151High risk542026-05-31
1.5.150High risk542026-05-31
1.5.149High risk542026-05-30
1.5.148High risk542026-05-30
1.5.147High risk542026-05-30
1.5.146High risk542026-05-30
1.5.145High risk542026-05-30
1.5.144High risk542026-05-30
1.5.143High risk542026-05-30
1.5.142High risk542026-05-30
1.5.141High risk542026-05-30
1.5.140High risk542026-05-30

Block this in CI

PkgRadar gates vibego (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi vibego==1.5.171
Start free — 25 scans / moView full evidence