PkgRadar

Go modules · proxy.golang.org

github.com/Lercas/prowl/tool

Shipped Live Secret, Credential file access, Go Cgo Preamble

Why PkgRadar flagged v1.0.2

SeveritySignalEvidence
highShipped Live Secretgithub.com/lercas/prowl/[email protected]/cmd/prowl/help.go
highShipped Live Secretgithub.com/lercas/prowl/[email protected]/internal/config/config.go
highShipped Live Secretgithub.com/lercas/prowl/[email protected]/internal/doctor/doctor.go

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.0.2High risk1242026-06-24
v1.0.1High risk1242026-06-24
v0.0.0-20260623191357-e329a108a05bHigh risk1242026-06-24

Block this in CI

PkgRadar gates github.com/Lercas/prowl/tool (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/Lercas/prowl/[email protected]
Start free — 25 scans / moView full evidence