Go modules · proxy.golang.org
github.com/OpenBMB/ollama
Remote Payload: matched "curl "
Why PkgRadar flagged v0.0.0-20260529233340-11be8f6ac874
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · github.com/openbmb/[email protected]/cmd/launch/hermes.go |
| medium | Remote Payload | matched "curl " · github.com/openbmb/[email protected]/cmd/launch/kimi.go |
| medium | Remote Payload | matched "curl " · github.com/openbmb/[email protected]/server/inference_request_log.go |
| medium | Remote Payload | matched "curl " · github.com/openbmb/[email protected]/x/agent/approval.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260529233340-11be8f6ac874 | High risk | 53 | 2026-06-02 |
v0.0.0-20260524210806-f63eea3d2738 | Review | 68 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem go github.com/OpenBMB/[email protected]