RubyGems · rubygems.org
parse-stack-next
Rb Install Time System: Direct shell invocation paired with eval/dynamic-require/network/deserialize.
Why PkgRadar flagged 5.1.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Rb Install Time System | Direct shell invocation paired with eval/dynamic-require/network/deserialize. · Rakefile |
| high | Rb Install Time Backticks | Backtick / %x() shell-out paired with eval/dynamic-require/network/deserialize. · Rakefile |
| high | Rb Install Time Network Call | Network call (Net::HTTP / URI.open / HTTParty / Faraday / RestClient) at install time. · Rakefile |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
5.1.0 | High risk | 136 | 2026-06-03 |
Related campaigns
- rb_install_time_network_call:network call (net::http / uri.open / httparty / faraday / restclient) at install time. — 11 releases, max score 136
Block this in CI
pkgradar gate --ecosystem rubygems [email protected]