PkgRadar

Go modules · proxy.golang.org

github.com/crisbr10/sequoia

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged v1.0.33

SeveritySignalEvidence
mediumRemote Payloadmatched "raw.githubusercontent.com" · github.com/crisbr10/[email protected]/internal/codegraph/install.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.0.33Review122026-06-13
v1.0.31Review122026-06-04
v1.0.29Review122026-06-04
v1.0.30Review122026-06-04
v1.0.28Review122026-06-04
v1.0.26Review122026-06-03
v1.0.25Low risk02026-06-03
v1.0.27Review122026-06-03
v1.0.25-0.20260529194409-6ac7febbeec9Low risk02026-05-31
v1.0.23Low risk02026-05-31
v1.0.22Low risk02026-05-29

Block this in CI

PkgRadar gates github.com/crisbr10/sequoia (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/crisbr10/[email protected]
Start free — 25 scans / moView full evidence
github.com/crisbr10/sequoia — Go modules security scan | PkgRadar