This setup script imports the requests library and issues HTTP GET requests to pov[.]sh on port 45111 (pov[.]sh:45111/api/v3/awsglueml) immediately when loaded and again in a custom PostInstallCommand during installation. The unsolicited communication to a suspicious domain on a non-standard port, combined with a name mimicking an AWS service, indicates a supply-chain attack for tracking, data exfiltration, or command-and-control.
Live on PyPI for 8 hours and 40 minutes before removal. Socket users were protected even while the package was live.