PkgRadar

Composer · packagist.org

vortos/vortos-pipeline

Remote Payload, Credential file access

Why PkgRadar flagged v1.0.0-alpha-166

SeveritySignalEvidence
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.0.0-alpha-166Review222026-07-04
v1.0.0-alpha-165Low risk02026-07-03
v1.0.0-alpha-164Low risk02026-07-03
v1.0.0-alpha-163Low risk02026-07-02
v1.0.0-alpha-160Low risk02026-07-02

Block this in CI

PkgRadar gates vortos/vortos-pipeline (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer vortos/[email protected]
vortos/vortos-pipeline — Composer security scan | PkgRadar