PkgRadar

PyPI · pypi.org

yanleafadmin

Py Install Time Dynamic Dangerous Import: Dynamic __import__('os') — reflection bypass for static checks.

Why PkgRadar flagged 2.1.0

| Severity | Signal | Evidence |
|---|---|---|
| high | Py Install Time Dynamic Dangerous Import | Dynamic __import__('os') — reflection bypass for static checks. · yanleafadmin-2.1.0/setup.py |
| high | Py Runtime Dynamic Dangerous Import | Dynamic __import__('os') — reflection bypass for static checks. · yanleafadmin-2.1.0/apps/theme/apps.py |

Scanned versions

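| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 2.1.0 | High risk | 80 | 2026-05-30 |
| 2.0.8 | High risk | 80 | 2026-05-28 |
| 2.0.7 | High risk | 80 | 2026-05-28 |
| 2.0.6 | High risk | 80 | 2026-05-28 |
| 2.0.5 | High risk | 80 | 2026-05-28 |
| 2.0.4 | High risk | 80 | 2026-05-27 |
| 2.0.3 | High risk | 50 | 2026-05-27 |
| 2.0.2 | High risk | 50 | 2026-05-27 |
| 2.0.1 | High risk | 50 | 2026-05-27 |
| 2.0.0 | High risk | 50 | 2026-05-27 |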

Block this in CI

PkgRadar gates yanleafadmin (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi yanleafadmin==2.1.0