Go modules · proxy.golang.org

github.com/FootprintAI/Containarium

Remote Payload: matched "wget "

Why PkgRadar flagged v0.19.1

Severity	Signal	Evidence
medium	Remote Payload	matched "wget " · github.com/footprintai/[email protected]/internal/app/buildpack/static.go
medium	Remote Payload	matched "curl " · github.com/footprintai/[email protected]/internal/cmd/expose_port.go
medium	Remote Payload	matched "cURL " · github.com/footprintai/[email protected]/internal/cmd/hosting_providers.go
medium	Remote Payload	matched "curl " · github.com/footprintai/[email protected]/internal/cmd/hosting_setup.go
medium	Remote Payload	matched "curl " · github.com/footprintai/[email protected]/internal/cmd/login.go
medium	Remote Payload	matched "curl " · github.com/footprintai/[email protected]/internal/cmd/token.go
medium	Remote Payload	matched "curl " · github.com/footprintai/[email protected]/internal/mcp/tools.go
medium	Remote Payload	matched "github.com/projectdiscovery/nuclei/releases/download" · github.com/footprintai/[email protected]/internal/pentest/installer.go
medium	Remote Payload	matched "github.com/open-telemetry/opentelemetry-collector-releases/releases/download" · github.com/footprintai/[email protected]/internal/server/core_otel_collector.go
medium	Remote Payload	matched "wget " · github.com/footprintai/[email protected]/internal/server/core_services.go
medium	Remote Payload	matched "github.com/zaproxy/zaproxy/releases/download" · github.com/footprintai/[email protected]/internal/zap/installer.go
medium	Remote Payload	matched "curl " · github.com/footprintai/[email protected]/pkg/core/coresys/manager.go

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.19.1`	High risk	165	2026-05-30
`v0.19.2`	High risk	165	2026-05-30
`v0.18.1`	High risk	150	2026-05-30
`v0.19.0`	High risk	165	2026-05-30

Block this in CI

PkgRadar gates github.com/FootprintAI/Containarium (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/FootprintAI/[email protected]