PkgRadar

Composer · packagist.org

oat-sa/extension-tao-itemqti

Known Indicator Filename: oat-sa-extension-tao-itemqti-d1d0899/views/build/grunt/bundle.js

Why PkgRadar flagged v32.5.12

SeveritySignalEvidence
highKnown Indicator Filenameoat-sa-extension-tao-itemqti-d1d0899/views/build/grunt/bundle.js · oat-sa-extension-tao-itemqti-d1d0899/views/build/grunt/bundle.js
mediumPhp Shell Callexec / system / passthru / shell_exec / proc_open — process spawning. · oat-sa-extension-tao-itemqti-d1d0899/manifest.php

Scanned versions

VersionVerdictScoreScanned (UTC)
v32.5.13Low risk02026-05-29
v32.5.12Review182026-05-27

Block this in CI

PkgRadar gates oat-sa/extension-tao-itemqti (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer oat-sa/[email protected]
Start free — 25 scans / moView full evidence