Composer · packagist.org
forgeomni/superagent
Remote Payload: matched "curl "
Why PkgRadar flagged v1.1.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · ForgeOmni-SuperAgent-41dff4d/src/Agent/BuiltinAgents/VerificationAgent.php |
| medium | Remote Payload | matched "cURL " · ForgeOmni-SuperAgent-41dff4d/src/CLI/SuperAgentApplication.php |
| medium | Remote Payload | matched "curl " · ForgeOmni-SuperAgent-41dff4d/src/Skills/BuiltinSkills/BatchSkill.php |
| medium | Remote Payload | matched "curl " · ForgeOmni-SuperAgent-41dff4d/tests/Unit/AgentToolProductivityTest.php |
| medium | Remote Payload | matched "curl " · ForgeOmni-SuperAgent-41dff4d/tests/Unit/Guardrails/PromptInjectionDetectorTest.php |
| medium | Remote Payload | matched "curl " · ForgeOmni-SuperAgent-41dff4d/tests/Unit/Harness/WireProjectingPermissionCallbackTest.php |
| medium | Remote Payload | matched "curl " · ForgeOmni-SuperAgent-41dff4d/tests/Unit/Phase3PermissionsTest.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.1.1 | High risk | 97 | 2026-06-04 |
v1.1.0 | High risk | 97 | 2026-06-02 |
v1.0.10 | High risk | 97 | 2026-05-31 |
v1.0.8 | High risk | 97 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem composer forgeomni/[email protected]