PkgRadar

PyPI · pypi.org

vox-code

Py Runtime Dynamic Dangerous Import: Dynamic __import__('os') — reflection bypass for static checks.

Why PkgRadar flagged 2.0.5

SeveritySignalEvidence
highPy Runtime Dynamic Dangerous ImportDynamic __import__('os') — reflection bypass for static checks. · vox_code-2.0.5/voxcli/gui/pet/windows.py

Scanned versions

VersionVerdictScoreScanned (UTC)
2.0.5High risk302026-05-30
2.0.4High risk302026-05-30

Block this in CI

PkgRadar gates vox-code (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi vox-code==2.0.5
Start free — 25 scans / moView full evidence