Go modules · proxy.golang.org
github.com/harness/drone
Shell Credential File Read, Tls Verification Disabled, Remote Payload +3 more
Why PkgRadar flagged v1.0.4-gitspaces-beta.0.20260629152652-90e17cd9a630
| Severity | Signal | Evidence |
|---|---|---|
| high | Shell Credential File Read | — |
| high | Shell Credential File Read | — |
| medium | Tls Verification Disabled | — |
| medium | Remote Payload | — |
| medium | Tls Verification Disabled | — |
| medium | Remote Payload | — |
| medium | Remote Payload | — |
| medium | Tls Verification Disabled | — |
| medium | Tls Verification Disabled | — |
| medium | Remote Payload | — |
| medium | Go Mod Replace Local | — |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.0.4-gitspaces-beta.0.20260629152652-90e17cd9a630 | High risk | 180 | 2026-06-30 |
v0.0.0-20260629152652-90e17cd9a630 | High risk | 180 | 2026-06-30 |
Block this in CI
pkgradar gate --ecosystem go github.com/harness/[email protected]