PyPI · pypi.org

xllamacpp

Py Install Time Subprocess: subprocess call — process spawning.

Why PkgRadar flagged 2026.6.9538

Severity	Signal	Evidence
medium	Py Install Time Subprocess	subprocess call — process spawning. · xllamacpp-2026.6.9538/setup.py
high	Credential File Packaged	xllamacpp-2026.6.9538/thirdparty/llama.cpp/tools/ui/.npmrc · xllamacpp-2026.6.9538/thirdparty/llama.cpp/tools/ui/.npmrc

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2026.6.9538`	High risk	42	2026-06-07

Block this in CI

PkgRadar gates xllamacpp (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi xllamacpp==2026.6.9538