PkgRadar

Go modules · proxy.golang.org

github.com/awslabs/ferret-scan

Shipped Live Secret, Remote Payload, Credential file access

Why PkgRadar flagged v1.8.5-0.20260625134501-8aa081d7781e

SeveritySignalEvidence
highShipped Live Secret
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.8.5-0.20260625134501-8aa081d7781eHigh risk922026-06-26
v1.8.4High risk922026-06-26

Block this in CI

PkgRadar gates github.com/awslabs/ferret-scan (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/awslabs/[email protected]
Start free — 25 scans / moView full evidence