Go modules · proxy.golang.org
github.com/backendstack21/kode
Remote Payload: matched "curl "
Why PkgRadar flagged v1.8.0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · github.com/backendstack21/[email protected]/cmd/odek/transcribe_tool.go |
| medium | Remote Payload | matched "curl " · github.com/backendstack21/[email protected]/cmd/odek/vision_tool.go |
| medium | Remote Payload | matched "invoke-webrequest" · github.com/backendstack21/[email protected]/internal/memory/scan.go |
| medium | Remote Payload | matched "curl " · github.com/backendstack21/[email protected]/internal/skills/importer.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.8.0 | High risk | 53 | 2026-06-15 |
v1.2.0 | High risk | 41 | 2026-06-12 |
v1.4.0 | High risk | 53 | 2026-06-12 |
v1.6.0 | High risk | 53 | 2026-06-12 |
v1.3.0 | High risk | 53 | 2026-06-12 |
v1.0.0 | Review | 29 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem go github.com/backendstack21/[email protected]