PkgRadar

Composer · packagist.org

jeffersongoncalves/laravel-github-readme

Remote Payload, Composer Install Scripts Present, Suspicious Publish Context

Why PkgRadar flagged v1.0.1

SeveritySignalEvidence
mediumRemote Payloadjeffersongoncalves-laravel-github-readme-8c2a6a1/src/GitHubReadme.php
mediumSuspicious Publish Context

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.0.1Review272026-06-20

Block this in CI

PkgRadar gates jeffersongoncalves/laravel-github-readme (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer jeffersongoncalves/[email protected]
Start free — 25 scans / moView full evidence