Go modules · proxy.golang.org
github.com/hecatehq/hecate
Remote Payload: matched "cURL "
Why PkgRadar flagged v0.1.0-alpha.39.0.20260603010456-aea9520ec296
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "cURL " · github.com/hecatehq/[email protected]/cmd/hecate/runtime_state.go |
| medium | Remote Payload | matched "curl " · github.com/hecatehq/[email protected]/internal/agentadapters/toolkind.go |
| medium | Remote Payload | matched "cURL " · github.com/hecatehq/[email protected]/internal/config/config.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.1.0-alpha.39.0.20260603010456-aea9520ec296 | High risk | 36 | 2026-06-04 |
v0.1.0-alpha.39.0.20260601183335-d2b629ebe0fa | High risk | 36 | 2026-06-03 |
v0.1.0-alpha.45 | High risk | 36 | 2026-06-03 |
v0.1.0-alpha.39.0.20260530193656-a68441f6b84b | High risk | 36 | 2026-05-31 |
v0.1.0-alpha.43 | High risk | 36 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem go github.com/hecatehq/[email protected]