Go modules · proxy.golang.org
github.com/alt-f4-llc/vorpal/sdk/go
Remote Payload: matched "github.com/oven-sh/bun/releases/download"
Why PkgRadar flagged v0.0.0-20260409000654-dddb54f099b1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "github.com/oven-sh/bun/releases/download" · github.com/alt-f4-llc/vorpal/sdk/[email protected]/pkg/artifact/bun.go |
| medium | Remote Payload | matched "github.com/cli/cli/releases/download" · github.com/alt-f4-llc/vorpal/sdk/[email protected]/pkg/artifact/gh.go |
| medium | Remote Payload | matched "curl " · github.com/alt-f4-llc/vorpal/sdk/[email protected]/pkg/artifact/linux_debian.go |
| medium | Remote Payload | matched "curl " · github.com/alt-f4-llc/vorpal/sdk/[email protected]/pkg/artifact/linux_vorpal_build.go |
| medium | Remote Payload | matched "github.com/rockdaboot/libpsl/releases/download" · github.com/alt-f4-llc/vorpal/sdk/[email protected]/pkg/artifact/linux_vorpal_source.go |
| medium | Remote Payload | matched "github.com/pnpm/pnpm/releases/download" · github.com/alt-f4-llc/vorpal/sdk/[email protected]/pkg/artifact/pnpm.go |
| medium | Remote Payload | matched "github.com/protocolbuffers/protobuf/releases/download" · github.com/alt-f4-llc/vorpal/sdk/[email protected]/pkg/artifact/protoc.go |
| medium | Remote Payload | matched "github.com/protocolbuffers/protobuf-go/releases/download" · github.com/alt-f4-llc/vorpal/sdk/[email protected]/pkg/artifact/protoc_gen_go.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260602061303-ccfa2ea14642 | Review | 24 | 2026-06-03 |
v0.0.0-20260602014155-736209ff9ab8 | Review | 24 | 2026-06-03 |
v0.0.0-20260601163802-e2eb908b9120 | Review | 24 | 2026-06-02 |
v0.0.0-20260409000654-dddb54f099b1 | High risk | 96 | 2026-06-02 |
v0.0.0-20260601003045-fd417fa33190 | Review | 24 | 2026-06-02 |
v0.0.0-20260410180623-d1a5e8631aad | High risk | 96 | 2026-06-01 |
v0.0.0-20260311082712-1ef958af6152 | Low risk | 0 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem go github.com/alt-f4-llc/vorpal/sdk/[email protected]