PkgRadar

PyPI · pypi.org

wandelbots-nova

Remote Payload: matched "github.com/wandelbotsgmbh/wandelbots-js-react-components/releases/download"

Why PkgRadar flagged 5.1.4a2026052720

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/wandelbotsgmbh/wandelbots-js-react-components/releases/download" · nova_rerun_bridge/helper_scripts/download_models.py

Scanned versions

VersionVerdictScoreScanned (UTC)
5.4.2Low risk02026-06-12
5.4.1Low risk02026-06-09
5.4.0Low risk02026-06-09
5.3.0Low risk02026-06-04
5.2.0Low risk02026-06-04
5.1.4Low risk02026-06-03
5.1.4a2026052720Review62026-05-27

Block this in CI

PkgRadar gates wandelbots-nova (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi wandelbots-nova==5.1.4a2026052720
Start free — 25 scans / moView full evidence