PkgRadar

Go modules · proxy.golang.org

github.com/OpenCSGs/csglite

Shell Credential File Read, Remote Payload, Obfuscation Density

Why PkgRadar flagged v0.9.5-0.20260630061512-e1fae5db556f

SeveritySignalEvidence
highShell Credential File Read
mediumRemote Payload
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.9.5-0.20260630061512-e1fae5db556fHigh risk692026-07-01
v0.8.80High risk692026-07-01
v0.8.55High risk692026-07-01
v0.8.30Review242026-07-01
v0.5.8Low risk02026-07-01
v0.8.99High risk692026-07-01
v0.7.11Low risk02026-07-01
v0.8.65High risk692026-07-01
v0.8.52High risk692026-07-01
v0.5.12Low risk02026-07-01
v0.8.87High risk692026-07-01
v0.8.42Review242026-07-01
v0.8.92High risk692026-07-01
v0.8.63High risk692026-07-01
v0.8.9Review122026-07-01
v0.7.10Low risk02026-07-01
v0.8.44Review242026-07-01
v0.7.21Low risk02026-07-01
v0.8.50High risk692026-07-01
v0.9.4High risk692026-07-01
v0.8.97High risk692026-07-01
v0.2.0Low risk02026-07-01
v0.8.67High risk692026-07-01
v0.8.40Review242026-07-01
v0.8.90High risk692026-07-01
v0.8.66High risk692026-07-01
v0.5.9Low risk02026-07-01
v0.8.84High risk692026-07-01
v0.6.4Low risk02026-07-01
v0.7.12Low risk02026-07-01
v0.8.70High risk692026-07-01
v0.8.69High risk692026-07-01
v0.7.19Low risk02026-07-01
v0.8.6Review122026-07-01
v0.8.34Review242026-07-01
v0.6.7Low risk02026-07-01
v0.8.2Low risk02026-07-01
v0.8.48Review242026-07-01
v0.8.29Review242026-07-01
v0.5.10Low risk02026-07-01
v0.8.27Review242026-07-01
v0.7.8Low risk02026-07-01
v0.8.22Review122026-07-01
v0.7.22Low risk02026-07-01
v0.8.71High risk692026-07-01
v0.8.88High risk692026-07-01
v0.8.94High risk692026-07-01
v0.8.77High risk692026-07-01
v0.8.72High risk692026-07-01
v0.8.98High risk692026-07-01
v0.7.6Low risk02026-07-01
v0.6.8Low risk02026-07-01
v0.8.82High risk692026-07-01
v0.8.36Review242026-07-01
v0.8.33Review242026-07-01
v0.8.102High risk692026-07-01
v0.7.14Low risk02026-07-01
v0.8.61High risk692026-07-01
v0.6.3Low risk02026-07-01
v0.9.1High risk692026-07-01
v0.7.17Low risk02026-07-01
v0.8.13Review122026-07-01
v0.5.7Low risk02026-07-01
v0.1.0Low risk02026-07-01
v0.8.49Review242026-07-01
v0.8.4Low risk02026-07-01
v0.7.1Low risk02026-07-01
v0.8.86High risk692026-07-01
v0.5.1Review122026-07-01
v0.7.9Low risk02026-07-01
v0.8.20Review122026-07-01
v0.8.24Review122026-07-01
v0.8.28Review242026-07-01
v0.8.45Review242026-07-01
v0.8.76High risk692026-07-01
v0.8.79High risk692026-07-01
v0.8.83High risk692026-07-01
v0.0.3Low risk02026-07-01
v0.8.62High risk692026-07-01
v0.8.5Review122026-07-01
v0.8.19Review122026-07-01
v0.9.0High risk692026-07-01
v0.5.4Review122026-07-01
v0.6.5Low risk02026-07-01
v0.8.59High risk692026-07-01
v0.4.1Review122026-07-01
v0.4.0Review122026-07-01
v0.8.74High risk692026-07-01
v0.8.17Review122026-07-01
v0.7.7Low risk02026-07-01
v0.8.64High risk692026-07-01
v0.8.15Review122026-07-01
v0.7.18Low risk02026-07-01
v0.8.100High risk692026-07-01
v0.8.7Review122026-07-01
v0.7.15Low risk02026-07-01
v0.8.58High risk692026-07-01
v0.8.37Review242026-07-01
v0.8.25Review242026-07-01
v0.8.11Review122026-07-01
v0.7.13Low risk02026-07-01
v0.8.46Review242026-07-01
v0.8.31Review242026-07-01
v0.8.10Review122026-07-01
v0.8.96High risk692026-07-01
v0.8.23Review122026-07-01
v0.8.93High risk692026-07-01
v0.8.89High risk692026-07-01
v0.8.16Review122026-07-01
v0.8.12Review122026-07-01
v0.8.14Review122026-07-01
v0.8.51High risk692026-07-01
v0.8.95High risk692026-07-01
v0.5.0Review122026-07-01
v0.8.26Review242026-07-01
v0.8.56High risk692026-07-01
v0.8.78High risk692026-07-01
v0.8.85High risk692026-07-01
v0.8.43Review242026-07-01
v0.6.2Low risk02026-07-01
v0.8.81High risk692026-07-01
v0.8.57High risk692026-07-01
v0.8.101High risk692026-07-01
v0.5.3Review122026-07-01
v0.7.4Low risk02026-07-01
v0.8.47Review242026-07-01
v0.6.0Low risk02026-07-01
v0.8.103High risk692026-07-01
v0.8.54High risk692026-07-01
v0.5.6Low risk02026-07-01
v0.8.3Low risk02026-07-01
v0.8.0Low risk02026-07-01
v0.7.2Low risk02026-07-01
v0.8.105High risk692026-07-01
v0.8.39Review242026-07-01
v0.8.35Review242026-07-01
v0.3.0Review122026-07-01
v0.5.11Low risk02026-07-01
v0.6.1Low risk02026-07-01
v0.7.16Low risk02026-07-01
v0.8.104High risk692026-07-01
v0.8.32Review242026-07-01
v0.8.53High risk692026-07-01
v0.5.2Review122026-07-01
v0.8.73High risk692026-07-01
v0.8.21Review122026-07-01
v0.8.8Review122026-07-01
v0.6.6Low risk02026-07-01
v0.8.68High risk692026-07-01
v0.8.75High risk692026-07-01
v0.8.38Review242026-07-01
v0.9.2High risk692026-07-01
v0.8.1Low risk02026-07-01
v0.8.60High risk692026-07-01
v0.7.3Low risk02026-07-01
v0.9.3High risk692026-07-01
v0.8.91High risk692026-07-01
v0.5.5Low risk02026-07-01
v0.7.0Low risk02026-07-01
v0.8.18Review122026-07-01
v0.7.20Low risk02026-07-01
v0.7.5Low risk02026-07-01
v0.8.41Review242026-07-01

Block this in CI

PkgRadar gates github.com/OpenCSGs/csglite (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/OpenCSGs/[email protected]
github.com/OpenCSGs/csglite — Go modules security scan | PkgRadar