PkgRadar

Go modules · proxy.golang.org

github.com/chadgpt/picoclaw

Shipped Live Secret, Tls Verification Disabled, Remote Payload +1 more

Why PkgRadar flagged v0.3.5

SeveritySignalEvidence
highShipped Live Secret
mediumTls Verification Disabled
mediumRemote Payload
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.3.5High risk812026-06-27
v0.3.2High risk812026-06-27
v0.3.4High risk812026-06-27
v0.3.3High risk812026-06-27
v0.3.1High risk812026-06-27
v0.2.0High risk692026-06-27
v0.2.9High risk812026-06-27
v0.2.9-0.20260626064346-1260fd8e2f9aHigh risk812026-06-27
v0.3.0High risk812026-06-27

Block this in CI

PkgRadar gates github.com/chadgpt/picoclaw (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/chadgpt/[email protected]
Start free — 25 scans / moView full evidence
github.com/chadgpt/picoclaw — Go modules security scan | PkgRadar