Go modules · proxy.golang.org

github.com/b/sorcerer

Tls Verification Disabled, Remote Payload, Obfuscation Density

Why PkgRadar flagged v0.0.0-20260629000516-c9e24ca8efa5

Severity	Signal	Evidence
medium	Tls Verification Disabled	—
medium	Remote Payload	—
medium	Remote Payload	—

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.0.0-20260629000516-c9e24ca8efa5`	Review	36	2026-06-29
`v0.0.0-20260616183611-460efda2af45`	Low risk	0	2026-06-17
`v0.0.0-20260616162932-cd1005ffe3ad`	Low risk	0	2026-06-17
`v0.0.0-20260616082758-95aeefbc20ef`	Low risk	0	2026-06-17
`v0.0.0-20260616063449-edc87cbd266a`	Low risk	0	2026-06-17
`v0.0.0-20260616042003-2f8c77773cd2`	Low risk	0	2026-06-17
`v0.0.0-20260616001042-526b98cbc190`	Low risk	0	2026-06-17
`v0.0.0-20260615141031-081743cd2c5f`	Low risk	0	2026-06-16
`v0.0.0-20260615104704-46d75ee7e6b9`	Low risk	0	2026-06-16
`v0.0.0-20260615074545-5e19afa2034a`	Low risk	0	2026-06-16
`v0.0.0-20260615071740-cc86f2c44e33`	Low risk	0	2026-06-16
`v0.0.0-20260615050657-ff6c260deb28`	Low risk	0	2026-06-16
`v0.0.0-20260614233650-5b5481a413f7`	Low risk	0	2026-06-15
`v0.0.0-20260614223700-b373fa392c49`	Low risk	0	2026-06-15
`v0.0.0-20260614173027-fbe97ee2a5d9`	Low risk	0	2026-06-15
`v0.0.0-20260614150516-e7ec62217974`	Low risk	0	2026-06-15
`v0.0.0-20260614132942-53a3867dd42f`	Low risk	0	2026-06-15
`v0.0.0-20260614055050-543cf3bda829`	Low risk	0	2026-06-15
`v0.0.0-20260614035747-672b851e1e72`	Low risk	0	2026-06-15
`v0.0.0-20260614005457-a375d9275b1e`	Low risk	0	2026-06-15
`v0.0.0-20260613220708-16642b9171a6`	Low risk	0	2026-06-14
`v0.0.0-20260613194016-7f89dd6fc4d7`	Low risk	0	2026-06-14
`v0.0.0-20260613140952-9c8b3e09acfc`	Low risk	0	2026-06-14
`v0.0.0-20260613122017-0e21b369aeaf`	Low risk	0	2026-06-14
`v0.0.0-20260613112121-811ea84fda6d`	Low risk	0	2026-06-14
`v0.0.0-20260613094116-8776ca068c08`	Low risk	0	2026-06-14
`v0.0.0-20260613054411-d424f999dd8f`	Low risk	0	2026-06-14
`v0.0.0-20260613042629-32fc8b502107`	Low risk	0	2026-06-14
`v0.0.0-20260613023953-98767ae01ac2`	Low risk	0	2026-06-14
`v0.0.0-20260612230631-0acdc4b83473`	Low risk	0	2026-06-13
`v0.0.0-20260612191056-d350d70672d8`	Low risk	0	2026-06-13
`v0.0.0-20260612185540-de28d08b7b5e`	Low risk	0	2026-06-13
`v0.0.0-20260612143534-c1884d0b3476`	Low risk	0	2026-06-13
`v0.0.0-20260612021227-60ad889a6f32`	Low risk	0	2026-06-13
`v0.0.0-20260612011950-38d949c65a9f`	Low risk	0	2026-06-13
`v0.0.0-20260612004856-978095cca2cc`	Low risk	0	2026-06-13
`v0.0.0-20260611234446-dd5cbe2b4675`	Low risk	0	2026-06-12
`v0.0.0-20260611232244-86541ea1c17c`	Low risk	0	2026-06-12
`v0.0.0-20260611221236-638ec7d13a44`	Low risk	0	2026-06-12
`v0.0.0-20260611153828-125bcd3689fe`	Low risk	0	2026-06-12
`v0.0.0-20260610133103-96ef3e379224`	Low risk	0	2026-06-11
`v0.0.0-20260610131147-c29bc08d8f3c`	Low risk	0	2026-06-11
`v0.0.0-20260610121201-0001aafb8adf`	Low risk	0	2026-06-11

Block this in CI

PkgRadar gates github.com/b/sorcerer (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/b/[email protected]

Start free — 25 scans / mo View full evidence