Composer · packagist.org

codesignificant/api-pro

Remote Payload: matched "Curl "

Why PkgRadar flagged v2.1.2

Severity	Signal	Evidence
medium	Remote Payload	matched "Curl " · CodeSignificant-api-pro-4d84cd1/Core/Security/TokenManager.php

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v2.1.2`	Review	17	2026-05-28
`v2.0.0`	Review	5	2026-05-27

Block this in CI

PkgRadar gates codesignificant/api-pro (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer codesignificant/[email protected]