Go modules · proxy.golang.org
github.com/Feiyu-Liu/cc-connect
Remote Payload: matched "curl "
Why PkgRadar flagged v1.3.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · github.com/feiyu-liu/[email protected]/agent/qoder/qoder.go |
| medium | Remote Payload | matched "github.com/\" + githubRepo + \"/releases/download" · github.com/feiyu-liu/[email protected]/cmd/cc-connect/update.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/feiyu-liu/[email protected]/core/provider_presets.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/feiyu-liu/[email protected]/core/skill_presets.go |
| medium | Remote Payload | matched "github.com/chenhg5/cc-connect/releases/download" · github.com/feiyu-liu/[email protected]/core/updater.go |
| medium | Remote Payload | matched "cUrl " · github.com/feiyu-liu/[email protected]/platform/wecom/wecom.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.1.0-beta.2 | Review | 12 | 2026-06-17 |
v1.3.1 | High risk | 72 | 2026-06-17 |
v1.2.1 | High risk | 48 | 2026-06-17 |
v1.3.3-beta.3 | High risk | 72 | 2026-06-17 |
v1.3.0-rc.2 | High risk | 48 | 2026-06-17 |
v1.1.0-beta.5 | Review | 24 | 2026-06-17 |
v1.1.0-beta.3 | Review | 24 | 2026-06-17 |
v1.2.2-beta.4 | High risk | 48 | 2026-06-17 |
v1.3.0-rc.4 | High risk | 60 | 2026-06-17 |
v1.2.0-beta.1 | High risk | 36 | 2026-06-17 |
v1.3.0-rc.1 | High risk | 48 | 2026-06-17 |
v1.3.0-rc.3 | High risk | 60 | 2026-06-17 |
v1.2.0-beta.6 | High risk | 48 | 2026-06-17 |
v1.3.3-beta.1 | High risk | 72 | 2026-06-17 |
v1.1.0-beta.1 | Low risk | 0 | 2026-06-17 |
v1.0.1 | Low risk | 0 | 2026-06-17 |
v1.3.3-beta.4.0.20260608140930-5e2f3b9ebab1 | High risk | 89 | 2026-06-17 |
v1.3.2 | High risk | 72 | 2026-06-17 |
v1.1.0 | Review | 24 | 2026-06-17 |
v0.0.0-20260608070410-438b31954b12 | High risk | 84 | 2026-06-17 |
Block this in CI
pkgradar gate --ecosystem go github.com/Feiyu-Liu/[email protected]