PkgRadar

Go modules · proxy.golang.org

github.com/Obolnetwork/charon

Shell Credential File Read, Remote Payload

Why PkgRadar flagged v1.9.0

SeveritySignalEvidence
highShell Credential File Read
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.9.0High risk572026-06-30
v1.10.0High risk452026-06-30
v1.8.0High risk572026-06-30
v1.7.0High risk572026-06-30
v0.18.0-lidoHigh risk572026-06-30
v1.0.0-rc1.0.20260629064956-3d48812689edHigh risk452026-06-30
v1.4.0High risk572026-06-30
v1.6.0High risk572026-06-30
v1.3.0High risk572026-06-30
v1.5.0High risk572026-06-30
v1.10.3High risk452026-06-30
v0.19.0High risk572026-06-30
v1.0.0High risk572026-06-30
v0.17.0High risk572026-06-30
v0.18.0High risk572026-06-30

Block this in CI

PkgRadar gates github.com/Obolnetwork/charon (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/Obolnetwork/[email protected]
Start free — 25 scans / moView full evidence
github.com/Obolnetwork/charon — Go modules security scan | PkgRadar