Go modules · proxy.golang.org
github.com/chicoxyzzy/hecate
Remote Payload: matched "cURL "
Why PkgRadar flagged v0.1.0-alpha.22
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "cURL " · github.com/chicoxyzzy/[email protected]/cmd/hecate/runtime_state.go |
| medium | Remote Payload | matched "curl " · github.com/chicoxyzzy/[email protected]/internal/agentadapters/toolkind.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/chicoxyzzy/[email protected]/internal/billing/litellm/import.go |
| medium | Remote Payload | matched "cURL " · github.com/chicoxyzzy/[email protected]/internal/config/config.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.1.0-alpha.22 | High risk | 48 | 2026-06-10 |
v0.1.0-alpha.39.0.20260609134946-243570e936f1 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.24 | High risk | 48 | 2026-06-10 |
v0.1.0-alpha.30 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.32 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.34 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.35 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.36 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.37 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.40 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.43 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.44 | High risk | 36 | 2026-06-10 |
v0.1.0-alpha.39.0.20260531105857-91d2a423ae7e | High risk | 36 | 2026-06-01 |
v0.1.0-alpha.45 | High risk | 36 | 2026-06-01 |
Block this in CI
pkgradar gate --ecosystem go github.com/chicoxyzzy/[email protected]