PkgRadar

Go modules · proxy.golang.org

github.com/harmony-one/harmony

Shell Credential File Read, Remote Payload, Go Cgo Preamble

Why PkgRadar flagged v1.10.3-0.20260626095133-d8a190437314

SeveritySignalEvidence
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
highShell Credential File Read
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.10.3-0.20260626095133-d8a190437314High risk1122026-06-27
v1.10.3-0.20250131082412-af078c54288bHigh risk1122026-06-27
v1.10.3-0.20220304094917-93a8134fd56aHigh risk1002026-06-27

Block this in CI

PkgRadar gates github.com/harmony-one/harmony (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/harmony-one/[email protected]
Start free — 25 scans / moView full evidence
github.com/harmony-one/harmony — Go modules security scan | PkgRadar