PkgRadar

Go modules · proxy.golang.org

github.com/GoCodeAlone/workflow

Remote Payload: matched "curl "

Why PkgRadar flagged v0.80.15

SeveritySignalEvidence
mediumRemote Payloadmatched "curl " · github.com/gocodealone/[email protected]/cigen/render_circleci.go
mediumRemote Payloadmatched "curl " · github.com/gocodealone/[email protected]/cigen/render_gha.go
mediumRemote Payloadmatched "curl " · github.com/gocodealone/[email protected]/cigen/render_gitlab.go
mediumRemote Payloadmatched "curl " · github.com/gocodealone/[email protected]/cigen/render_jenkins.go
mediumRemote Payloadmatched "wget " · github.com/gocodealone/[email protected]/cmd/wfctl/build_security_audit.go
mediumRemote Payloadmatched "raw.githubusercontent.com" · github.com/gocodealone/[email protected]/cmd/wfctl/plugin_registry.go
mediumRemote Payloadmatched "raw.githubusercontent.com" · github.com/gocodealone/[email protected]/cmd/wfctl/registry_source.go
mediumRemote Payloadmatched "cURL " · github.com/gocodealone/[email protected]/iam/oidc.go
mediumRemote Payloadmatched "cURL " · github.com/gocodealone/[email protected]/module/openapi.go
mediumRemote Payloadmatched "cURL " · github.com/gocodealone/[email protected]/module/openapi_consumer.go
mediumRemote Payloadmatched "curl " · github.com/gocodealone/[email protected]/platform/providers/dockercompose/provider.go
mediumCredential file accessmatched "GOOGLE_APPLICATION_CREDENTIALS" · github.com/gocodealone/[email protected]/module/cloud_account_gcp.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.80.15High risk1252026-06-16
v0.80.14High risk1252026-06-15
v0.80.13High risk1252026-06-15
v0.80.12High risk1252026-06-15
v0.80.11High risk1252026-06-15
v0.80.10High risk1252026-06-15
v0.80.9High risk1252026-06-14
v0.80.8High risk1252026-06-14
v0.80.7High risk1252026-06-14
v0.80.4High risk1252026-06-14
v0.80.3High risk1252026-06-14
v0.80.1High risk1252026-06-12
v0.80.0High risk1252026-06-12
v0.79.1High risk1252026-06-12
v0.78.2High risk1252026-06-10
v0.78.1High risk1252026-06-09
v0.78.0High risk1252026-06-09
v0.77.0High risk1252026-06-09
v0.76.1High risk1252026-06-09
v0.76.0High risk1252026-06-09
v0.75.9High risk1252026-06-09
v0.75.9-0.20260608055015-ead7dc94e93dHigh risk1252026-06-09
v0.75.8High risk1252026-06-09
v0.75.7High risk1252026-06-09
v0.75.6High risk1252026-06-09
v0.75.5High risk1252026-06-09
v0.75.4High risk1252026-06-08
v0.75.3High risk1252026-06-08
v0.75.2High risk1252026-06-08
v0.75.1High risk1252026-06-08
v0.75.0High risk1252026-06-08
v0.74.7High risk1252026-06-08
v0.74.6High risk1252026-06-07
v0.74.2High risk1252026-06-06
v0.74.1High risk1252026-06-04
v0.73.1High risk1252026-06-04
v0.74.0High risk1252026-06-04
v0.73.0High risk1252026-06-04
v0.72.0High risk1252026-06-04
v0.69.7High risk1252026-06-03
v0.69.6High risk1252026-06-03
v0.69.5High risk1252026-06-03
v0.69.4High risk1252026-06-03
v0.69.4-0.20260602001550-17b09e8da9b0High risk1252026-06-03
v0.69.3High risk1252026-06-03
v0.69.2High risk1252026-06-03
v0.68.2High risk1252026-06-02
v0.68.2-0.20260601161212-52066f422dd9High risk1252026-06-02
v0.68.1High risk1252026-06-02
v0.68.0High risk1252026-06-01
v0.66.0High risk1092026-05-31
v0.66.1Review1092026-05-31
v0.65.0Review1092026-05-30
v0.64.8Review1092026-05-30

Block this in CI

PkgRadar gates github.com/GoCodeAlone/workflow (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/GoCodeAlone/[email protected]
Start free — 25 scans / moView full evidence