Go modules · proxy.golang.org

github.com/PipeOpsHQ/rexec

Remote Payload: matched "curl "

Why PkgRadar flagged v0.0.66

Severity	Signal	Evidence
medium	Remote Payload	matched "curl " · github.com/pipeopshq/[email protected]/cmd/rexec-cli/main.go
medium	Remote Payload	matched "curl " · github.com/pipeopshq/[email protected]/internal/container/roles.go
medium	Remote Payload	matched "cURL " · github.com/pipeopshq/[email protected]/internal/storage/r2.go

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.0.66`	Review	49	2026-05-30

Block this in CI

PkgRadar gates github.com/PipeOpsHQ/rexec (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/PipeOpsHQ/[email protected]