Go modules · proxy.golang.org
github.com/digiogithub/pando
Remote Payload: matched "curl "
Why PkgRadar flagged v0.411.1-0.20260601141705-77d3e2c6d1a3
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · github.com/digiogithub/[email protected]/internal/llm/tools/fetch.go |
| medium | Remote Payload | matched "raw.githubusercontent.com" · github.com/digiogithub/[email protected]/internal/skills/catalog/downloader.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.411.1-0.20260601141705-77d3e2c6d1a3 | Review | 29 | 2026-06-03 |
v0.407.0 | Review | 29 | 2026-06-01 |
v0.400.2 | Review | 29 | 2026-05-31 |
v0.403.0 | Review | 29 | 2026-05-31 |
v0.400.0 | Review | 29 | 2026-05-31 |
v0.402.0 | Review | 29 | 2026-05-31 |
v0.400.1 | Review | 29 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem go github.com/digiogithub/[email protected]