Composer · packagist.org
kantorge/yaffa
Remote Payload: matched "curl "
Why PkgRadar flagged 3.4.0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · kantorge-yaffa-503cbea/app/Services/ProcessingHistoryRecorder.php |
| medium | Remote Payload | matched "cURL " · kantorge-yaffa-503cbea/tests/Unit/Services/AiStepGatewayTest.php |
| medium | Remote Payload | matched "cURL " · kantorge-yaffa-503cbea/tests/Unit/Services/ProcessDocumentServiceTest.php |
| medium | Remote Payload | matched "cURL " · kantorge-yaffa-503cbea/tests/Unit/Services/ProcessingHistoryRecorderTest.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
3.4.0 | High risk | 29 | 2026-06-17 |
3.3.0 | High risk | 29 | 2026-06-11 |
3.2.0 | High risk | 29 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem composer kantorge/[email protected]