Comment by woodruffw

5 hours ago

Some of the checks here seem very brittle. For example this one[1].

In the context of security scanning (versus, say, listing), I think it's reasonable to expect the tool to be resilient to attempts at obfuscation (or just badly written code that doesn't adhere to normal Python idioms around import paths).