PkgRadar

Composer · packagist.org

zhanshop/framework

Remote Payload

Why PkgRadar flagged v7.2

SeveritySignalEvidence
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v7.2Review82026-07-08

Block this in CI

PkgRadar gates zhanshop/framework (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer zhanshop/[email protected]
zhanshop/framework — Composer security scan | PkgRadar