PkgRadar

Composer · packagist.org

tavp/core

Remote Payload

Why PkgRadar flagged v1.1.1

SeveritySignalEvidence
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.1.1Review242026-07-10
v1.0.1Review242026-07-10

Block this in CI

PkgRadar gates tavp/core (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer tavp/[email protected]
tavp/core — Composer security scan | PkgRadar