PkgRadar

Composer · packagist.org

slothsoft/core

Php Base64 Eval Chain, Php Shell With Decode, Remote Payload +1 more

Why PkgRadar flagged 1.14.23

SeveritySignalEvidence
highPhp Base64 Eval Chain
highPhp Shell With Decode
mediumRemote Payload
mediumRemote Payload
mediumTls Verification Disabled

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
1.14.23High risk552026-07-04
1.14.22High risk552026-07-04

Block this in CI

PkgRadar gates slothsoft/core (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer slothsoft/[email protected]
slothsoft/core — Composer security scan | PkgRadar