Composer · packagist.org
hryagstn/laravel-scalpel
Php Base64 Eval Chain: base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload.
Why PkgRadar flagged v1.3.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · hryagstn-laravel-scalpel-d270f17/src/Scanners/ObfuscatedCodeScanner.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · hryagstn-laravel-scalpel-d270f17/tests/Feature/ScalpelScanCommandTest.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · hryagstn-laravel-scalpel-d270f17/tests/Unit/BaseScannerExclusionTest.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · hryagstn-laravel-scalpel-d270f17/tests/Unit/ObfuscatedCodeScannerTest.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.3.0 | High risk | 55 | 2026-06-13 |
Block this in CI
pkgradar gate --ecosystem composer hryagstn/[email protected]