Go modules · proxy.golang.org
github.com/agentgateway/agentgateway
Remote Payload: matched "curl "
Why PkgRadar flagged v0.0.0-20260602204057-63abf71dce7d
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · github.com/agentgateway/[email protected]/controller/pkg/cli/trace/cmd.go |
| medium | Remote Payload | matched "curl " · github.com/agentgateway/[email protected]/controller/pkg/cli/trace/trace.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/agentgateway/[email protected]/controller/pkg/utils/requestutils/curl/native_request.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/agentgateway/[email protected]/controller/pkg/utils/requestutils/curl/option.go |
| medium | Remote Payload | matched "curl\n\n" · github.com/agentgateway/[email protected]/controller/pkg/utils/requestutils/curl/request.go |
| medium | Go Mod Replace Local | go.mod replace directive redirects to a local filesystem path — non-portable / dev-time only. · github.com/agentgateway/[email protected]/go.mod |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260602204057-63abf71dce7d | High risk | 70 | 2026-06-03 |
v0.0.0-20260602200949-88f7f25916d5 | High risk | 70 | 2026-06-03 |
v1.3.0-alpha.1.0.20260602200949-88f7f25916d5 | High risk | 70 | 2026-06-03 |
v0.0.0-20260602195815-1c0ca7b78c32 | High risk | 70 | 2026-06-03 |
v1.3.0-alpha.1.0.20260602181224-23120382cc67 | High risk | 70 | 2026-06-03 |
v0.0.0-20260602181224-23120382cc67 | High risk | 70 | 2026-06-03 |
v0.0.0-20260529193232-04755166d2db | Review | 70 | 2026-05-30 |
v0.0.0-20260528222744-8bc0a98c2f20 | Review | 70 | 2026-05-29 |
v0.0.0-20260528173726-01b680802aee | Review | 70 | 2026-05-29 |
v0.0.0-20260528161959-ce56a9827938 | Review | 70 | 2026-05-29 |
Block this in CI
pkgradar gate --ecosystem go github.com/agentgateway/[email protected]