Go modules · proxy.golang.org

github.com/amp-org-space/amp-sdk-go

Shell Credential File Read, Tls Verification Disabled, Obfuscation Density

Why PkgRadar flagged v0.249.0

Severity	Signal	Evidence
high	Shell Credential File Read	github.com/amp-org-space/[email protected]/stdlib/safe/api.safe.go
high	Shell Credential File Read	github.com/amp-org-space/[email protected]/stdlib/safe/epoch_keys.go
medium	Tls Verification Disabled	github.com/amp-org-space/[email protected]/stdlib/utils/http.go

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.249.0`	High risk	102	2026-06-24
`v0.247.0`	Low risk	0	2026-06-11
`v0.246.0`	Low risk	0	2026-06-11
`v0.247.1`	Low risk	0	2026-06-11
`v0.245.0`	Low risk	0	2026-06-08
`v0.244.0`	Low risk	0	2026-06-07
`v0.243.1-0.20260605062533-eebf6a7156a2`	Low risk	0	2026-06-06
`v0.243.0`	Low risk	0	2026-06-06
`v0.241.1-0.20260602221519-8cf46b80676e`	Low risk	0	2026-06-03
`v0.240.0`	Low risk	0	2026-06-03
`v0.233.0`	Low risk	0	2026-05-30
`v0.230.0`	Low risk	0	2026-05-30
`v0.232.1-0.20260527145007-2ed7ea378851`	Low risk	0	2026-05-29

Block this in CI

PkgRadar gates github.com/amp-org-space/amp-sdk-go (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/amp-org-space/[email protected]