PkgRadar

Go modules · proxy.golang.org

github.com/Ollama/ollama

Remote Payload: matched "curl "

Why PkgRadar flagged v0.30.9

SeveritySignalEvidence
mediumRemote Payloadmatched "curl " · github.com/ollama/[email protected]/cmd/launch/hermes.go
mediumRemote Payloadmatched "curl " · github.com/ollama/[email protected]/cmd/launch/kimi.go
mediumRemote Payloadmatched "Invoke-WebRequest" · github.com/ollama/[email protected]/cmd/launch/qwen.go
mediumRemote Payloadmatched "curl " · github.com/ollama/[email protected]/server/inference_request_log.go
mediumRemote Payloadmatched "curl " · github.com/ollama/[email protected]/x/agent/approval.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.30.9High risk652026-06-17
v0.30.9-rc0High risk652026-06-17
v0.30.8-rc0High risk652026-06-17
v0.30.7-rc0High risk652026-06-17
v0.30.7High risk652026-06-17
v0.30.6High risk652026-06-17
v0.30.9-rc1High risk652026-06-17
v0.30.5High risk652026-06-17
v0.30.4-rc1High risk652026-06-17
v0.30.4High risk652026-06-17
v0.30.2-rc0High risk652026-06-17
v0.30.2High risk652026-06-17
v0.30.1High risk652026-06-17
v0.30.0-rc31High risk532026-06-17
v0.30.0-rc29High risk532026-06-17
v0.30.0-rc28High risk532026-06-17
v0.30.0-rc26High risk532026-06-17
v0.30.0-rc25High risk532026-06-17
v0.30.0-rc24High risk532026-06-17
v0.30.0-rc23High risk532026-06-17
v0.30.0-rc22High risk532026-06-17
v0.30.0-rc21High risk532026-06-17
v0.30.0-rc20High risk532026-06-17
v0.30.0-rc19High risk532026-06-17
v0.30.9-rc2High risk652026-06-17
v0.30.0-rc18High risk532026-06-17
v0.30.0-rc17High risk532026-06-17
v0.30.0-rc16High risk532026-06-17
v0.30.0High risk532026-06-17
v0.25.0-rc0High risk682026-06-17
v0.24.0-rc1High risk682026-06-17

Block this in CI

PkgRadar gates github.com/Ollama/ollama (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/Ollama/[email protected]
Start free — 25 scans / moView full evidence