Composer · packagist.org

easyengine/site-command

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged v3.7.4

Severity	Signal	Evidence
medium	Remote Payload	matched "raw.githubusercontent.com" · EasyEngine-site-command-b8c611b/migrations/container/20181121091115_site-command_update_nginx_conf_for_version_conf.php
medium	Remote Payload	matched "raw.githubusercontent.com" · EasyEngine-site-command-b8c611b/migrations/container/20181121091115_site-command_update_php_easyengine_conf_for_admin_tools.php
medium	Remote Payload	matched "raw.githubusercontent.com" · EasyEngine-site-command-b8c611b/migrations/container/20190507042415_site-command_update_nginx_fastcgi_params.php
medium	Remote Payload	matched "raw.githubusercontent.com" · EasyEngine-site-command-b8c611b/migrations/container/20190507042415_site-command_update_php_ini_max_exec_time.php
medium	Remote Payload	matched "raw.githubusercontent.com" · EasyEngine-site-command-b8c611b/migrations/container/20201030170225_site-command_add_admin_tools_conf.php

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v3.7.4`	High risk	25	2026-06-11

Block this in CI

PkgRadar gates easyengine/site-command (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer easyengine/[email protected]